@webiny/pulumi-aws 5.37.0-beta.0 → 5.37.0-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/apps/admin/createAdminPulumiApp.js.map +1 -1
- package/apps/admin/index.js.map +1 -1
- package/apps/api/ApiApwScheduler.js.map +1 -1
- package/apps/api/ApiCloudfront.js.map +1 -1
- package/apps/api/ApiFileManager.js.map +1 -1
- package/apps/api/ApiGateway.js.map +1 -1
- package/apps/api/ApiGraphql.js.map +1 -1
- package/apps/api/ApiMigration.js.map +1 -1
- package/apps/api/ApiOutput.js.map +1 -1
- package/apps/api/ApiPageBuilder.js +12 -3
- package/apps/api/ApiPageBuilder.js.map +1 -1
- package/apps/api/createApiPulumiApp.js.map +1 -1
- package/apps/api/index.js.map +1 -1
- package/apps/awsUtils.js.map +1 -1
- package/apps/common/CoreOutput.js.map +1 -1
- package/apps/common/VpcConfig.js.map +1 -1
- package/apps/common/index.js.map +1 -1
- package/apps/core/CoreCognito.js.map +1 -1
- package/apps/core/CoreDynamo.js.map +1 -1
- package/apps/core/CoreElasticSearch.js.map +1 -1
- package/apps/core/CoreEventBus.js.map +1 -1
- package/apps/core/CoreFileManager.js.map +1 -1
- package/apps/core/CoreVpc.js.map +1 -1
- package/apps/core/createCorePulumiApp.js.map +1 -1
- package/apps/core/index.js.map +1 -1
- package/apps/createAppBucket.js.map +1 -1
- package/apps/customDomain.js.map +1 -1
- package/apps/index.js.map +1 -1
- package/apps/lambdaUtils.js.map +1 -1
- package/apps/react/createReactPulumiApp.js.map +1 -1
- package/apps/react/index.js.map +1 -1
- package/apps/tenantRouter.js.map +1 -1
- package/apps/website/WebsitePrerendering.js.map +1 -1
- package/apps/website/createWebsitePulumiApp.js.map +1 -1
- package/apps/website/deliveryViewerRequest.js.map +1 -1
- package/apps/website/index.js.map +1 -1
- package/components/tenantRouter/WebsiteTenantRouter.js.map +1 -1
- package/components/tenantRouter/functions/origin/request.js.map +1 -1
- package/enterprise/createAdminPulumiApp.js.map +1 -1
- package/enterprise/createApiPulumiApp.js.map +1 -1
- package/enterprise/createCorePulumiApp.js.map +1 -1
- package/enterprise/createWebsitePulumiApp.js.map +1 -1
- package/enterprise/index.js.map +1 -1
- package/index.js.map +1 -1
- package/package.json +13 -13
- package/utils/addDomainsUrlsOutputs.js.map +1 -1
- package/utils/crawlDirectory.js.map +1 -1
- package/utils/getPresignedPost.js.map +1 -1
- package/utils/index.js.map +1 -1
- package/utils/lambdaEnvVariables.js.map +1 -1
- package/utils/tagResources.js.map +1 -1
- package/utils/uploadFolderToS3.js.map +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["createAdminPulumiApp","projectAppParams","createReactPulumiApp","name","folder"],"sources":["createAdminPulumiApp.ts"],"sourcesContent":["import { PulumiAppParam, PulumiAppParamCallback } from \"@webiny/pulumi\";\nimport { createReactPulumiApp, CustomDomainParams } from \"~/apps\";\n\nexport type AdminPulumiApp = ReturnType<typeof createReactPulumiApp>;\n\nexport interface CreateAdminPulumiAppParams {\n /** Custom domain configuration */\n domains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: AdminPulumiApp) => void | Promise<void>;\n\n /**\n * Prefixes names of all Pulumi cloud infrastructure resource with given prefix.\n */\n pulumiResourceNamePrefix?: PulumiAppParam<string>;\n\n /**\n * Treats provided environments as production environments, which\n * are deployed in production deployment mode.\n * https://www.webiny.com/docs/architecture/deployment-modes/production\n */\n productionEnvironments?: PulumiAppParam<string[]>;\n}\n\nexport const createAdminPulumiApp = (projectAppParams: CreateAdminPulumiAppParams) => {\n return createReactPulumiApp({\n name: \"admin\",\n folder: \"apps/admin\",\n ...projectAppParams\n });\n};\n"],"mappings":";;;;;;;;AACA;AA2BO,
|
|
1
|
+
{"version":3,"names":["_","require","createAdminPulumiApp","projectAppParams","createReactPulumiApp","_objectSpread2","default","name","folder","exports"],"sources":["createAdminPulumiApp.ts"],"sourcesContent":["import { PulumiAppParam, PulumiAppParamCallback } from \"@webiny/pulumi\";\nimport { createReactPulumiApp, CustomDomainParams } from \"~/apps\";\n\nexport type AdminPulumiApp = ReturnType<typeof createReactPulumiApp>;\n\nexport interface CreateAdminPulumiAppParams {\n /** Custom domain configuration */\n domains?: PulumiAppParamCallback<CustomDomainParams>;\n\n /**\n * Provides a way to adjust existing Pulumi code (cloud infrastructure resources)\n * or add additional ones into the mix.\n */\n pulumi?: (app: AdminPulumiApp) => void | Promise<void>;\n\n /**\n * Prefixes names of all Pulumi cloud infrastructure resource with given prefix.\n */\n pulumiResourceNamePrefix?: PulumiAppParam<string>;\n\n /**\n * Treats provided environments as production environments, which\n * are deployed in production deployment mode.\n * https://www.webiny.com/docs/architecture/deployment-modes/production\n */\n productionEnvironments?: PulumiAppParam<string[]>;\n}\n\nexport const createAdminPulumiApp = (projectAppParams: CreateAdminPulumiAppParams) => {\n return createReactPulumiApp({\n name: \"admin\",\n folder: \"apps/admin\",\n ...projectAppParams\n });\n};\n"],"mappings":";;;;;;;;AACA,IAAAA,CAAA,GAAAC,OAAA;AA2BO,MAAMC,oBAAoB,GAAIC,gBAA4C,IAAK;EAClF,OAAO,IAAAC,sBAAoB,MAAAC,cAAA,CAAAC,OAAA;IACvBC,IAAI,EAAE,OAAO;IACbC,MAAM,EAAE;EAAY,GACjBL,gBAAgB,CACtB,CAAC;AACN,CAAC;AAACM,OAAA,CAAAP,oBAAA,GAAAA,oBAAA"}
|
package/apps/admin/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":[],"sources":["index.ts"],"sourcesContent":["export * from \"./createAdminPulumiApp\";\n"],"mappings":";;;;;AAAA;
|
|
1
|
+
{"version":3,"names":["_createAdminPulumiApp","require","Object","keys","forEach","key","exports","defineProperty","enumerable","get"],"sources":["index.ts"],"sourcesContent":["export * from \"./createAdminPulumiApp\";\n"],"mappings":";;;;;AAAA,IAAAA,qBAAA,GAAAC,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAH,qBAAA,EAAAI,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAA,GAAA,IAAAC,OAAA,IAAAA,OAAA,CAAAD,GAAA,MAAAL,qBAAA,CAAAK,GAAA;EAAAH,MAAA,CAAAK,cAAA,CAAAD,OAAA,EAAAD,GAAA;IAAAG,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAT,qBAAA,CAAAK,GAAA;IAAA;EAAA;AAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["LAMBDA_NAME_PREFIX","CREATE_RULE_LAMBDA","EXECUTE_ACTION_LAMBDA","EVENT_RULE_NAME","EVENT_RULE_TARGET","ApiApwScheduler","createAppModule","name","config","app","params","executeAction","createExecuteActionLambda","scheduleAction","createScheduleActionLambda","lambda","output","eventRule","addResource","aws","cloudwatch","EventRule","description","scheduleExpression","isEnabled","Permission","action","function","arn","principal","statementId","eventTarget","EventTarget","rule","role","iam","Role","assumeRolePolicy","Version","Statement","Action","Principal","Service","Effect","meta","isLambdaFunctionRole","policy","createExecuteActionLambdaPolicy","RolePolicyAttachment","policyArn","ManagedPolicy","AWSLambdaBasicExecutionRole","Function","runtime","handler","timeout","memorySize","code","pulumi","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","core","getModule","CoreOutput","Policy","Sid","Resource","interpolate","primaryDynamodbTableArn","executeLambda","createScheduleActionLambdaPolicy","APW_SCHEDULER_EXECUTE_ACTION_HANDLER"],"sources":["ApiApwScheduler.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"../common\";\nimport { getCommonLambdaEnvVariables } from \"../lambdaUtils\";\n\ninterface ScheduleActionParams {\n env: Record<string, any>;\n}\n\nconst LAMBDA_NAME_PREFIX = \"apw-scheduler\";\nconst CREATE_RULE_LAMBDA = `${LAMBDA_NAME_PREFIX}-schedule-action-lambda`;\nconst EXECUTE_ACTION_LAMBDA = `${LAMBDA_NAME_PREFIX}-execute-action-lambda`;\nconst EVENT_RULE_NAME = `${LAMBDA_NAME_PREFIX}-event-rule`;\nconst EVENT_RULE_TARGET = `${LAMBDA_NAME_PREFIX}-event-rule-target`;\n\nexport type ApiApwScheduler = PulumiAppModule<typeof ApiApwScheduler>;\n\nexport const ApiApwScheduler = createAppModule({\n name: \"ApiApwScheduler\",\n config(app: PulumiApp, params: ScheduleActionParams) {\n const executeAction = createExecuteActionLambda(app, params);\n const scheduleAction = createScheduleActionLambda(app, executeAction.lambda.output, params);\n\n // Create event rule.\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: EVENT_RULE_NAME,\n config: {\n description: `Enable us to schedule an action in publishing workflow at a particular datetime`,\n scheduleExpression: \"cron(* * * * ? 2000)\",\n isEnabled: true\n }\n });\n\n // Add required permission to the target lambda.\n app.addResource(aws.lambda.Permission, {\n name: \"eventTargetPermission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: scheduleAction.lambda.output.arn,\n principal: \"events.amazonaws.com\",\n statementId: \"allow-rule-invoke-\" + EVENT_RULE_NAME\n }\n });\n\n // Add lambda as target to the event rule.\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: EVENT_RULE_TARGET,\n config: {\n rule: eventRule.output.name,\n arn: scheduleAction.lambda.output.arn\n }\n });\n\n return {\n executeAction,\n scheduleAction,\n eventRule,\n eventTarget\n };\n }\n});\n\nfunction createExecuteActionLambda(app: PulumiApp, params: ScheduleActionParams) {\n const role = app.addResource(aws.iam.Role, {\n name: `${EXECUTE_ACTION_LAMBDA}-role`,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const policy = createExecuteActionLambdaPolicy(app);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${EXECUTE_ACTION_LAMBDA}-role-policy-attachment`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${EXECUTE_ACTION_LAMBDA}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: EXECUTE_ACTION_LAMBDA,\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle execute action workflow in apw scheduler\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"apw/executeAction/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n lambda\n };\n}\n\nfunction createExecuteActionLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApwSchedulerExecuteActionLambdaPolicy\",\n config: {\n description: \"This policy enables access to cloudwatch event and lambda invocation\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: [\"*\"]\n },\n {\n Sid: \"PermissionDynamoDB\",\n Effect: \"Allow\",\n Action: [\"dynamodb:Query\", \"dynamodb:GetItem\", \"dynamodb:DeleteItem\"],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n\nfunction createScheduleActionLambda(\n app: PulumiApp,\n executeLambda: pulumi.Output<aws.lambda.Function>,\n params: ScheduleActionParams\n) {\n const role = app.addResource(aws.iam.Role, {\n name: `${CREATE_RULE_LAMBDA}-role`,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const policy = createScheduleActionLambdaPolicy(app);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${CREATE_RULE_LAMBDA}-role-policy-attachment`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${CREATE_RULE_LAMBDA}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: CREATE_RULE_LAMBDA,\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle schedule action workflow in apw scheduler\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"apw/scheduleAction/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n APW_SCHEDULER_EXECUTE_ACTION_HANDLER: executeLambda.arn\n // RULE_NAME: this.eventRule.name.apply(name => name),\n // RULE_TARGET_ID: this.eventTarget.targetId.apply(id => id)\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n lambda\n };\n}\n\nfunction createScheduleActionLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApwSchedulerScheduleActionLambdaPolicy\",\n config: {\n description: \"This policy enables access to cloudwatch event and lambda invocation\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: [\"*\"]\n },\n {\n Sid: \"PermissionDynamoDB\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:GetItem\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:DeleteItem\"\n ],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionEvents\",\n Effect: \"Allow\",\n Action: [\n \"events:DeleteRule\",\n \"events:PutTargets\",\n \"events:PutRule\",\n \"events:ListRules\",\n \"events:RemoveTargets\",\n \"events:ListTargetsByRule\"\n ],\n Resource: [\"*\"]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AAMA,MAAMA,kBAAkB,GAAG,eAAe;AAC1C,MAAMC,kBAAkB,GAAI,GAAED,kBAAmB,yBAAwB;AACzE,MAAME,qBAAqB,GAAI,GAAEF,kBAAmB,wBAAuB;AAC3E,MAAMG,eAAe,GAAI,GAAEH,kBAAmB,aAAY;AAC1D,MAAMI,iBAAiB,GAAI,GAAEJ,kBAAmB,oBAAmB;AAI5D,MAAMK,eAAe,GAAG,IAAAC,wBAAe,EAAC;EAC3CC,IAAI,EAAE,iBAAiB;EACvBC,MAAM,CAACC,GAAc,EAAEC,MAA4B,EAAE;IACjD,MAAMC,aAAa,GAAGC,yBAAyB,CAACH,GAAG,EAAEC,MAAM,CAAC;IAC5D,MAAMG,cAAc,GAAGC,0BAA0B,CAACL,GAAG,EAAEE,aAAa,CAACI,MAAM,CAACC,MAAM,EAAEN,MAAM,CAAC;;IAE3F;IACA,MAAMO,SAAS,GAAGR,GAAG,CAACS,WAAW,CAACC,GAAG,CAACC,UAAU,CAACC,SAAS,EAAE;MACxDd,IAAI,EAAEJ,eAAe;MACrBK,MAAM,EAAE;QACJc,WAAW,EAAG,iFAAgF;QAC9FC,kBAAkB,EAAE,sBAAsB;QAC1CC,SAAS,EAAE;MACf;IACJ,CAAC,CAAC;;IAEF;IACAf,GAAG,CAACS,WAAW,CAACC,GAAG,CAACJ,MAAM,CAACU,UAAU,EAAE;MACnClB,IAAI,EAAE,uBAAuB;MAC7BC,MAAM,EAAE;QACJkB,MAAM,EAAE,uBAAuB;QAC/BC,QAAQ,EAAEd,cAAc,CAACE,MAAM,CAACC,MAAM,CAACY,GAAG;QAC1CC,SAAS,EAAE,sBAAsB;QACjCC,WAAW,EAAE,oBAAoB,GAAG3B;MACxC;IACJ,CAAC,CAAC;;IAEF;IACA,MAAM4B,WAAW,GAAGtB,GAAG,CAACS,WAAW,CAACC,GAAG,CAACC,UAAU,CAACY,WAAW,EAAE;MAC5DzB,IAAI,EAAEH,iBAAiB;MACvBI,MAAM,EAAE;QACJyB,IAAI,EAAEhB,SAAS,CAACD,MAAM,CAACT,IAAI;QAC3BqB,GAAG,EAAEf,cAAc,CAACE,MAAM,CAACC,MAAM,CAACY;MACtC;IACJ,CAAC,CAAC;IAEF,OAAO;MACHjB,aAAa;MACbE,cAAc;MACdI,SAAS;MACTc;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAAC;AAEH,SAASnB,yBAAyB,CAACH,GAAc,EAAEC,MAA4B,EAAE;EAC7E,MAAMwB,IAAI,GAAGzB,GAAG,CAACS,WAAW,CAACC,GAAG,CAACgB,GAAG,CAACC,IAAI,EAAE;IACvC7B,IAAI,EAAG,GAAEL,qBAAsB,OAAM;IACrCM,MAAM,EAAE;MACJ6B,gBAAgB,EAAE;QACdC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,MAAM,EAAE,gBAAgB;UACxBC,SAAS,EAAE;YACPC,OAAO,EAAE;UACb,CAAC;UACDC,MAAM,EAAE;QACZ,CAAC;MAET;IACJ,CAAC;IACDC,IAAI,EAAE;MAAEC,oBAAoB,EAAE;IAAK;EACvC,CAAC,CAAC;EAEF,MAAMC,MAAM,GAAGC,+BAA+B,CAACtC,GAAG,CAAC;EAEnDA,GAAG,CAACS,WAAW,CAACC,GAAG,CAACgB,GAAG,CAACa,oBAAoB,EAAE;IAC1CzC,IAAI,EAAG,GAAEL,qBAAsB,yBAAwB;IACvDM,MAAM,EAAE;MACJ0B,IAAI,EAAEA,IAAI,CAAClB,MAAM;MACjBiC,SAAS,EAAEH,MAAM,CAAC9B,MAAM,CAACY;IAC7B;EACJ,CAAC,CAAC;EAEFnB,GAAG,CAACS,WAAW,CAACC,GAAG,CAACgB,GAAG,CAACa,oBAAoB,EAAE;IAC1CzC,IAAI,EAAG,GAAEL,qBAAsB,8BAA6B;IAC5DM,MAAM,EAAE;MACJ0B,IAAI,EAAEA,IAAI,CAAClB,MAAM;MACjBiC,SAAS,EAAE9B,GAAG,CAACgB,GAAG,CAACe,aAAa,CAACC;IACrC;EACJ,CAAC,CAAC;EAEF,MAAMpC,MAAM,GAAGN,GAAG,CAACS,WAAW,CAACC,GAAG,CAACJ,MAAM,CAACqC,QAAQ,EAAE;IAChD7C,IAAI,EAAEL,qBAAqB;IAC3BM,MAAM,EAAE;MACJ0B,IAAI,EAAEA,IAAI,CAAClB,MAAM,CAACY,GAAG;MACrByB,OAAO,EAAE,YAAY;MACrBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACflC,WAAW,EAAE,iDAAiD;MAC9DmC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIF,MAAM,CAACC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACtD,GAAG,CAACuD,KAAK,CAACC,SAAS,EAAE,yBAAyB,CAAC;MAEjE,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,GAAE,CAACC,KAAK,CAACC,KAAK,gEAC7CA,KAAK,GACL5D,MAAM,CAAC6D,GAAG,CACf;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHrC,IAAI;IACJY,MAAM;IACN/B;EACJ,CAAC;AACL;AAEA,SAASgC,+BAA+B,CAACtC,GAAc,EAAE;EACrD,MAAM+D,IAAI,GAAG/D,GAAG,CAACgE,SAAS,CAACC,kBAAU,CAAC;EAEtC,OAAOjE,GAAG,CAACS,WAAW,CAACC,GAAG,CAACgB,GAAG,CAACwC,MAAM,EAAE;IACnCpE,IAAI,EAAE,uCAAuC;IAC7CC,MAAM,EAAE;MACJc,WAAW,EAAE,sEAAsE;MACnFwB,MAAM,EAAE;QACJR,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIqC,GAAG,EAAE,kBAAkB;UACvBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CAAC,uBAAuB,CAAC;UACjCqC,QAAQ,EAAE,CAAC,GAAG;QAClB,CAAC,EACD;UACID,GAAG,EAAE,oBAAoB;UACzBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CAAC,gBAAgB,EAAE,kBAAkB,EAAE,qBAAqB,CAAC;UACrEqC,QAAQ,EAAE,CACNnB,MAAM,CAACoB,WAAY,GAAEN,IAAI,CAACO,uBAAwB,EAAC,EACnDrB,MAAM,CAACoB,WAAY,GAAEN,IAAI,CAACO,uBAAwB,IAAG;QAE7D,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN;AAEA,SAASjE,0BAA0B,CAC/BL,GAAc,EACduE,aAAiD,EACjDtE,MAA4B,EAC9B;EACE,MAAMwB,IAAI,GAAGzB,GAAG,CAACS,WAAW,CAACC,GAAG,CAACgB,GAAG,CAACC,IAAI,EAAE;IACvC7B,IAAI,EAAG,GAAEN,kBAAmB,OAAM;IAClCO,MAAM,EAAE;MACJ6B,gBAAgB,EAAE;QACdC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,MAAM,EAAE,gBAAgB;UACxBC,SAAS,EAAE;YACPC,OAAO,EAAE;UACb,CAAC;UACDC,MAAM,EAAE;QACZ,CAAC;MAET;IACJ,CAAC;IACDC,IAAI,EAAE;MAAEC,oBAAoB,EAAE;IAAK;EACvC,CAAC,CAAC;EAEF,MAAMC,MAAM,GAAGmC,gCAAgC,CAACxE,GAAG,CAAC;EAEpDA,GAAG,CAACS,WAAW,CAACC,GAAG,CAACgB,GAAG,CAACa,oBAAoB,EAAE;IAC1CzC,IAAI,EAAG,GAAEN,kBAAmB,yBAAwB;IACpDO,MAAM,EAAE;MACJ0B,IAAI,EAAEA,IAAI,CAAClB,MAAM;MACjBiC,SAAS,EAAEH,MAAM,CAAC9B,MAAM,CAACY;IAC7B;EACJ,CAAC,CAAC;EAEFnB,GAAG,CAACS,WAAW,CAACC,GAAG,CAACgB,GAAG,CAACa,oBAAoB,EAAE;IAC1CzC,IAAI,EAAG,GAAEN,kBAAmB,8BAA6B;IACzDO,MAAM,EAAE;MACJ0B,IAAI,EAAEA,IAAI,CAAClB,MAAM;MACjBiC,SAAS,EAAE9B,GAAG,CAACgB,GAAG,CAACe,aAAa,CAACC;IACrC;EACJ,CAAC,CAAC;EAEF,MAAMpC,MAAM,GAAGN,GAAG,CAACS,WAAW,CAACC,GAAG,CAACJ,MAAM,CAACqC,QAAQ,EAAE;IAChD7C,IAAI,EAAEN,kBAAkB;IACxBO,MAAM,EAAE;MACJ0B,IAAI,EAAEA,IAAI,CAAClB,MAAM,CAACY,GAAG;MACrByB,OAAO,EAAE,YAAY;MACrBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACflC,WAAW,EAAE,kDAAkD;MAC/DmC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIF,MAAM,CAACC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACtD,GAAG,CAACuD,KAAK,CAACC,SAAS,EAAE,0BAA0B,CAAC;MAElE,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,GAAE,CAACC,KAAK,CAACC,KAAK,4FAC7CA,KAAK,GACL5D,MAAM,CAAC6D,GAAG;UACbW,oCAAoC,EAAEF,aAAa,CAACpD;UACpD;UACA;QAAA,EACF;MACN;IACJ;EACJ,CAAC,CAAC;;EAEF,OAAO;IACHM,IAAI;IACJY,MAAM;IACN/B;EACJ,CAAC;AACL;AAEA,SAASkE,gCAAgC,CAACxE,GAAc,EAAE;EACtD,MAAM+D,IAAI,GAAG/D,GAAG,CAACgE,SAAS,CAACC,kBAAU,CAAC;EAEtC,OAAOjE,GAAG,CAACS,WAAW,CAACC,GAAG,CAACgB,GAAG,CAACwC,MAAM,EAAE;IACnCpE,IAAI,EAAE,wCAAwC;IAC9CC,MAAM,EAAE;MACJc,WAAW,EAAE,sEAAsE;MACnFwB,MAAM,EAAE;QACJR,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIqC,GAAG,EAAE,kBAAkB;UACvBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CAAC,uBAAuB,CAAC;UACjCqC,QAAQ,EAAE,CAAC,GAAG;QAClB,CAAC,EACD;UACID,GAAG,EAAE,oBAAoB;UACzBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CACJ,kBAAkB,EAClB,gBAAgB,EAChB,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,CACxB;UACDqC,QAAQ,EAAE,CACNnB,MAAM,CAACoB,WAAY,GAAEN,IAAI,CAACO,uBAAwB,EAAC,EACnDrB,MAAM,CAACoB,WAAY,GAAEN,IAAI,CAACO,uBAAwB,IAAG;QAE7D,CAAC,EACD;UACIH,GAAG,EAAE,kBAAkB;UACvBjC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CACJ,mBAAmB,EACnB,mBAAmB,EACnB,gBAAgB,EAChB,kBAAkB,EAClB,sBAAsB,EACtB,0BAA0B,CAC7B;UACDqC,QAAQ,EAAE,CAAC,GAAG;QAClB,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN"}
|
|
1
|
+
{"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","_pulumi2","_common","_lambdaUtils","LAMBDA_NAME_PREFIX","CREATE_RULE_LAMBDA","EXECUTE_ACTION_LAMBDA","EVENT_RULE_NAME","EVENT_RULE_TARGET","ApiApwScheduler","createAppModule","name","config","app","params","executeAction","createExecuteActionLambda","scheduleAction","createScheduleActionLambda","lambda","output","eventRule","addResource","cloudwatch","EventRule","description","scheduleExpression","isEnabled","Permission","action","function","arn","principal","statementId","eventTarget","EventTarget","rule","exports","role","iam","Role","assumeRolePolicy","Version","Statement","Action","Principal","Service","Effect","meta","isLambdaFunctionRole","policy","createExecuteActionLambdaPolicy","RolePolicyAttachment","policyArn","ManagedPolicy","AWSLambdaBasicExecutionRole","Function","runtime","handler","timeout","memorySize","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","_objectSpread2","default","env","core","getModule","CoreOutput","Policy","Sid","Resource","interpolate","primaryDynamodbTableArn","executeLambda","createScheduleActionLambdaPolicy","APW_SCHEDULER_EXECUTE_ACTION_HANDLER"],"sources":["ApiApwScheduler.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"../common\";\nimport { getCommonLambdaEnvVariables } from \"../lambdaUtils\";\n\ninterface ScheduleActionParams {\n env: Record<string, any>;\n}\n\nconst LAMBDA_NAME_PREFIX = \"apw-scheduler\";\nconst CREATE_RULE_LAMBDA = `${LAMBDA_NAME_PREFIX}-schedule-action-lambda`;\nconst EXECUTE_ACTION_LAMBDA = `${LAMBDA_NAME_PREFIX}-execute-action-lambda`;\nconst EVENT_RULE_NAME = `${LAMBDA_NAME_PREFIX}-event-rule`;\nconst EVENT_RULE_TARGET = `${LAMBDA_NAME_PREFIX}-event-rule-target`;\n\nexport type ApiApwScheduler = PulumiAppModule<typeof ApiApwScheduler>;\n\nexport const ApiApwScheduler = createAppModule({\n name: \"ApiApwScheduler\",\n config(app: PulumiApp, params: ScheduleActionParams) {\n const executeAction = createExecuteActionLambda(app, params);\n const scheduleAction = createScheduleActionLambda(app, executeAction.lambda.output, params);\n\n // Create event rule.\n const eventRule = app.addResource(aws.cloudwatch.EventRule, {\n name: EVENT_RULE_NAME,\n config: {\n description: `Enable us to schedule an action in publishing workflow at a particular datetime`,\n scheduleExpression: \"cron(* * * * ? 2000)\",\n isEnabled: true\n }\n });\n\n // Add required permission to the target lambda.\n app.addResource(aws.lambda.Permission, {\n name: \"eventTargetPermission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: scheduleAction.lambda.output.arn,\n principal: \"events.amazonaws.com\",\n statementId: \"allow-rule-invoke-\" + EVENT_RULE_NAME\n }\n });\n\n // Add lambda as target to the event rule.\n const eventTarget = app.addResource(aws.cloudwatch.EventTarget, {\n name: EVENT_RULE_TARGET,\n config: {\n rule: eventRule.output.name,\n arn: scheduleAction.lambda.output.arn\n }\n });\n\n return {\n executeAction,\n scheduleAction,\n eventRule,\n eventTarget\n };\n }\n});\n\nfunction createExecuteActionLambda(app: PulumiApp, params: ScheduleActionParams) {\n const role = app.addResource(aws.iam.Role, {\n name: `${EXECUTE_ACTION_LAMBDA}-role`,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const policy = createExecuteActionLambdaPolicy(app);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${EXECUTE_ACTION_LAMBDA}-role-policy-attachment`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${EXECUTE_ACTION_LAMBDA}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: EXECUTE_ACTION_LAMBDA,\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle execute action workflow in apw scheduler\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"apw/executeAction/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n lambda\n };\n}\n\nfunction createExecuteActionLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApwSchedulerExecuteActionLambdaPolicy\",\n config: {\n description: \"This policy enables access to cloudwatch event and lambda invocation\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: [\"*\"]\n },\n {\n Sid: \"PermissionDynamoDB\",\n Effect: \"Allow\",\n Action: [\"dynamodb:Query\", \"dynamodb:GetItem\", \"dynamodb:DeleteItem\"],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n\nfunction createScheduleActionLambda(\n app: PulumiApp,\n executeLambda: pulumi.Output<aws.lambda.Function>,\n params: ScheduleActionParams\n) {\n const role = app.addResource(aws.iam.Role, {\n name: `${CREATE_RULE_LAMBDA}-role`,\n config: {\n assumeRolePolicy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"lambda.amazonaws.com\"\n },\n Effect: \"Allow\"\n }\n ]\n }\n },\n meta: { isLambdaFunctionRole: true }\n });\n\n const policy = createScheduleActionLambdaPolicy(app);\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${CREATE_RULE_LAMBDA}-role-policy-attachment`,\n config: {\n role: role.output,\n policyArn: policy.output.arn\n }\n });\n\n app.addResource(aws.iam.RolePolicyAttachment, {\n name: `${CREATE_RULE_LAMBDA}-AWSLambdaBasicExecutionRole`,\n config: {\n role: role.output,\n policyArn: aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole\n }\n });\n\n const lambda = app.addResource(aws.lambda.Function, {\n name: CREATE_RULE_LAMBDA,\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle schedule action workflow in apw scheduler\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"apw/scheduleAction/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n APW_SCHEDULER_EXECUTE_ACTION_HANDLER: executeLambda.arn\n // RULE_NAME: this.eventRule.name.apply(name => name),\n // RULE_TARGET_ID: this.eventTarget.targetId.apply(id => id)\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n lambda\n };\n}\n\nfunction createScheduleActionLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApwSchedulerScheduleActionLambdaPolicy\",\n config: {\n description: \"This policy enables access to cloudwatch event and lambda invocation\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: [\"*\"]\n },\n {\n Sid: \"PermissionDynamoDB\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:GetItem\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:DeleteItem\"\n ],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionEvents\",\n Effect: \"Allow\",\n Action: [\n \"events:DeleteRule\",\n \"events:PutTargets\",\n \"events:PutRule\",\n \"events:ListRules\",\n \"events:RemoveTargets\",\n \"events:ListTargetsByRule\"\n ],\n Resource: [\"*\"]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,YAAA,GAAAN,OAAA;AAMA,MAAMO,kBAAkB,GAAG,eAAe;AAC1C,MAAMC,kBAAkB,GAAI,GAAED,kBAAmB,yBAAwB;AACzE,MAAME,qBAAqB,GAAI,GAAEF,kBAAmB,wBAAuB;AAC3E,MAAMG,eAAe,GAAI,GAAEH,kBAAmB,aAAY;AAC1D,MAAMI,iBAAiB,GAAI,GAAEJ,kBAAmB,oBAAmB;AAI5D,MAAMK,eAAe,GAAG,IAAAC,wBAAe,EAAC;EAC3CC,IAAI,EAAE,iBAAiB;EACvBC,MAAMA,CAACC,GAAc,EAAEC,MAA4B,EAAE;IACjD,MAAMC,aAAa,GAAGC,yBAAyB,CAACH,GAAG,EAAEC,MAAM,CAAC;IAC5D,MAAMG,cAAc,GAAGC,0BAA0B,CAACL,GAAG,EAAEE,aAAa,CAACI,MAAM,CAACC,MAAM,EAAEN,MAAM,CAAC;;IAE3F;IACA,MAAMO,SAAS,GAAGR,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACuB,UAAU,CAACC,SAAS,EAAE;MACxDb,IAAI,EAAEJ,eAAe;MACrBK,MAAM,EAAE;QACJa,WAAW,EAAG,iFAAgF;QAC9FC,kBAAkB,EAAE,sBAAsB;QAC1CC,SAAS,EAAE;MACf;IACJ,CAAC,CAAC;;IAEF;IACAd,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACmB,MAAM,CAACS,UAAU,EAAE;MACnCjB,IAAI,EAAE,uBAAuB;MAC7BC,MAAM,EAAE;QACJiB,MAAM,EAAE,uBAAuB;QAC/BC,QAAQ,EAAEb,cAAc,CAACE,MAAM,CAACC,MAAM,CAACW,GAAG;QAC1CC,SAAS,EAAE,sBAAsB;QACjCC,WAAW,EAAE,oBAAoB,GAAG1B;MACxC;IACJ,CAAC,CAAC;;IAEF;IACA,MAAM2B,WAAW,GAAGrB,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACuB,UAAU,CAACY,WAAW,EAAE;MAC5DxB,IAAI,EAAEH,iBAAiB;MACvBI,MAAM,EAAE;QACJwB,IAAI,EAAEf,SAAS,CAACD,MAAM,CAACT,IAAI;QAC3BoB,GAAG,EAAEd,cAAc,CAACE,MAAM,CAACC,MAAM,CAACW;MACtC;IACJ,CAAC,CAAC;IAEF,OAAO;MACHhB,aAAa;MACbE,cAAc;MACdI,SAAS;MACTa;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAACG,OAAA,CAAA5B,eAAA,GAAAA,eAAA;AAEH,SAASO,yBAAyBA,CAACH,GAAc,EAAEC,MAA4B,EAAE;EAC7E,MAAMwB,IAAI,GAAGzB,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACuC,GAAG,CAACC,IAAI,EAAE;IACvC7B,IAAI,EAAG,GAAEL,qBAAsB,OAAM;IACrCM,MAAM,EAAE;MACJ6B,gBAAgB,EAAE;QACdC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,MAAM,EAAE,gBAAgB;UACxBC,SAAS,EAAE;YACPC,OAAO,EAAE;UACb,CAAC;UACDC,MAAM,EAAE;QACZ,CAAC;MAET;IACJ,CAAC;IACDC,IAAI,EAAE;MAAEC,oBAAoB,EAAE;IAAK;EACvC,CAAC,CAAC;EAEF,MAAMC,MAAM,GAAGC,+BAA+B,CAACtC,GAAG,CAAC;EAEnDA,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACuC,GAAG,CAACa,oBAAoB,EAAE;IAC1CzC,IAAI,EAAG,GAAEL,qBAAsB,yBAAwB;IACvDM,MAAM,EAAE;MACJ0B,IAAI,EAAEA,IAAI,CAAClB,MAAM;MACjBiC,SAAS,EAAEH,MAAM,CAAC9B,MAAM,CAACW;IAC7B;EACJ,CAAC,CAAC;EAEFlB,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACuC,GAAG,CAACa,oBAAoB,EAAE;IAC1CzC,IAAI,EAAG,GAAEL,qBAAsB,8BAA6B;IAC5DM,MAAM,EAAE;MACJ0B,IAAI,EAAEA,IAAI,CAAClB,MAAM;MACjBiC,SAAS,EAAErD,GAAG,CAACuC,GAAG,CAACe,aAAa,CAACC;IACrC;EACJ,CAAC,CAAC;EAEF,MAAMpC,MAAM,GAAGN,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACmB,MAAM,CAACqC,QAAQ,EAAE;IAChD7C,IAAI,EAAEL,qBAAqB;IAC3BM,MAAM,EAAE;MACJ0B,IAAI,EAAEA,IAAI,CAAClB,MAAM,CAACW,GAAG;MACrB0B,OAAO,EAAE,YAAY;MACrBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfnC,WAAW,EAAE,iDAAiD;MAC9DoC,IAAI,EAAE,IAAI/D,MAAM,CAACgE,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIjE,MAAM,CAACgE,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACrD,GAAG,CAACsD,KAAK,CAACC,SAAS,EAAE,yBAAyB,CAC5D;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,QAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAC7CF,KAAK,GACL3D,MAAM,CAAC8D,GAAG,CACf;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHtC,IAAI;IACJY,MAAM;IACN/B;EACJ,CAAC;AACL;AAEA,SAASgC,+BAA+BA,CAACtC,GAAc,EAAE;EACrD,MAAMgE,IAAI,GAAGhE,GAAG,CAACiE,SAAS,CAACC,kBAAU,CAAC;EAEtC,OAAOlE,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACuC,GAAG,CAACyC,MAAM,EAAE;IACnCrE,IAAI,EAAE,uCAAuC;IAC7CC,MAAM,EAAE;MACJa,WAAW,EAAE,sEAAsE;MACnFyB,MAAM,EAAE;QACJR,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIsC,GAAG,EAAE,kBAAkB;UACvBlC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CAAC,uBAAuB,CAAC;UACjCsC,QAAQ,EAAE,CAAC,GAAG;QAClB,CAAC,EACD;UACID,GAAG,EAAE,oBAAoB;UACzBlC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CAAC,gBAAgB,EAAE,kBAAkB,EAAE,qBAAqB,CAAC;UACrEsC,QAAQ,EAAE,CACNpF,MAAM,CAACqF,WAAY,GAAEN,IAAI,CAACO,uBAAwB,EAAC,EACnDtF,MAAM,CAACqF,WAAY,GAAEN,IAAI,CAACO,uBAAwB,IAAG;QAE7D,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN;AAEA,SAASlE,0BAA0BA,CAC/BL,GAAc,EACdwE,aAAiD,EACjDvE,MAA4B,EAC9B;EACE,MAAMwB,IAAI,GAAGzB,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACuC,GAAG,CAACC,IAAI,EAAE;IACvC7B,IAAI,EAAG,GAAEN,kBAAmB,OAAM;IAClCO,MAAM,EAAE;MACJ6B,gBAAgB,EAAE;QACdC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,MAAM,EAAE,gBAAgB;UACxBC,SAAS,EAAE;YACPC,OAAO,EAAE;UACb,CAAC;UACDC,MAAM,EAAE;QACZ,CAAC;MAET;IACJ,CAAC;IACDC,IAAI,EAAE;MAAEC,oBAAoB,EAAE;IAAK;EACvC,CAAC,CAAC;EAEF,MAAMC,MAAM,GAAGoC,gCAAgC,CAACzE,GAAG,CAAC;EAEpDA,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACuC,GAAG,CAACa,oBAAoB,EAAE;IAC1CzC,IAAI,EAAG,GAAEN,kBAAmB,yBAAwB;IACpDO,MAAM,EAAE;MACJ0B,IAAI,EAAEA,IAAI,CAAClB,MAAM;MACjBiC,SAAS,EAAEH,MAAM,CAAC9B,MAAM,CAACW;IAC7B;EACJ,CAAC,CAAC;EAEFlB,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACuC,GAAG,CAACa,oBAAoB,EAAE;IAC1CzC,IAAI,EAAG,GAAEN,kBAAmB,8BAA6B;IACzDO,MAAM,EAAE;MACJ0B,IAAI,EAAEA,IAAI,CAAClB,MAAM;MACjBiC,SAAS,EAAErD,GAAG,CAACuC,GAAG,CAACe,aAAa,CAACC;IACrC;EACJ,CAAC,CAAC;EAEF,MAAMpC,MAAM,GAAGN,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACmB,MAAM,CAACqC,QAAQ,EAAE;IAChD7C,IAAI,EAAEN,kBAAkB;IACxBO,MAAM,EAAE;MACJ0B,IAAI,EAAEA,IAAI,CAAClB,MAAM,CAACW,GAAG;MACrB0B,OAAO,EAAE,YAAY;MACrBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfnC,WAAW,EAAE,kDAAkD;MAC/DoC,IAAI,EAAE,IAAI/D,MAAM,CAACgE,KAAK,CAACC,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIjE,MAAM,CAACgE,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACrD,GAAG,CAACsD,KAAK,CAACC,SAAS,EAAE,0BAA0B,CAC7D;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,QAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAC7CF,KAAK,GACL3D,MAAM,CAAC8D,GAAG;UACbW,oCAAoC,EAAEF,aAAa,CAACtD;UACpD;UACA;QAAA,EACF;MACN;IACJ;EACJ,CAAC,CAAC;;EAEF,OAAO;IACHO,IAAI;IACJY,MAAM;IACN/B;EACJ,CAAC;AACL;AAEA,SAASmE,gCAAgCA,CAACzE,GAAc,EAAE;EACtD,MAAMgE,IAAI,GAAGhE,GAAG,CAACiE,SAAS,CAACC,kBAAU,CAAC;EAEtC,OAAOlE,GAAG,CAACS,WAAW,CAACtB,GAAG,CAACuC,GAAG,CAACyC,MAAM,EAAE;IACnCrE,IAAI,EAAE,wCAAwC;IAC9CC,MAAM,EAAE;MACJa,WAAW,EAAE,sEAAsE;MACnFyB,MAAM,EAAE;QACJR,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIsC,GAAG,EAAE,kBAAkB;UACvBlC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CAAC,uBAAuB,CAAC;UACjCsC,QAAQ,EAAE,CAAC,GAAG;QAClB,CAAC,EACD;UACID,GAAG,EAAE,oBAAoB;UACzBlC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CACJ,kBAAkB,EAClB,gBAAgB,EAChB,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,CACxB;UACDsC,QAAQ,EAAE,CACNpF,MAAM,CAACqF,WAAY,GAAEN,IAAI,CAACO,uBAAwB,EAAC,EACnDtF,MAAM,CAACqF,WAAY,GAAEN,IAAI,CAACO,uBAAwB,IAAG;QAE7D,CAAC,EACD;UACIH,GAAG,EAAE,kBAAkB;UACvBlC,MAAM,EAAE,OAAO;UACfH,MAAM,EAAE,CACJ,mBAAmB,EACnB,mBAAmB,EACnB,gBAAgB,EAChB,kBAAkB,EAClB,sBAAsB,EACtB,0BAA0B,CAC7B;UACDsC,QAAQ,EAAE,CAAC,GAAG;QAClB,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["ApiCloudfront","createAppModule","name","config","app","gateway","getModule","ApiGateway","addResource","
|
|
1
|
+
{"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","_ApiGateway","ApiCloudfront","createAppModule","name","config","app","gateway","getModule","ApiGateway","addResource","cloudfront","Distribution","waitForDeployment","isIpv6Enabled","enabled","defaultCacheBehavior","compress","allowedMethods","cachedMethods","forwardedValues","cookies","forward","headers","queryString","minTtl","defaultTtl","maxTtl","targetOriginId","api","output","viewerProtocolPolicy","orderedCacheBehaviors","pathPattern","origins","domainName","stage","invokeUrl","apply","url","URL","hostname","originPath","pathname","originId","customOriginConfig","httpPort","httpsPort","originProtocolPolicy","originSslProtocols","restrictions","geoRestriction","restrictionType","viewerCertificate","cloudfrontDefaultCertificate","exports"],"sources":["ApiCloudfront.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nimport { ApiGateway } from \"./ApiGateway\";\n\nexport type ApiCloudfront = PulumiAppModule<typeof ApiCloudfront>;\n\nexport const ApiCloudfront = createAppModule({\n name: \"ApiCloudfront\",\n config(app: PulumiApp) {\n const gateway = app.getModule(ApiGateway);\n\n return app.addResource(aws.cloudfront.Distribution, {\n name: \"api-cloudfront\",\n config: {\n waitForDeployment: false,\n isIpv6Enabled: true,\n enabled: true,\n defaultCacheBehavior: {\n compress: true,\n allowedMethods: [\"GET\", \"HEAD\", \"OPTIONS\", \"PUT\", \"POST\", \"PATCH\", \"DELETE\"],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [\"Accept\", \"Accept-Language\"],\n queryString: true\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 0,\n maxTtl: 86400,\n targetOriginId: gateway.api.output.name,\n viewerProtocolPolicy: \"allow-all\"\n },\n orderedCacheBehaviors: [\n {\n compress: true,\n allowedMethods: [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n \"PUT\",\n \"POST\",\n \"PATCH\",\n \"DELETE\"\n ],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [\"Accept\", \"Accept-Language\"],\n queryString: true\n },\n pathPattern: \"/cms*\",\n viewerProtocolPolicy: \"allow-all\",\n targetOriginId: gateway.api.output.name\n },\n {\n allowedMethods: [\n \"GET\",\n \"HEAD\",\n \"OPTIONS\",\n \"PUT\",\n \"POST\",\n \"PATCH\",\n \"DELETE\"\n ],\n cachedMethods: [\"GET\", \"HEAD\", \"OPTIONS\"],\n forwardedValues: {\n cookies: {\n forward: \"none\"\n },\n headers: [\"Accept\", \"Accept-Language\"],\n queryString: true\n },\n // MinTTL <= DefaultTTL <= MaxTTL\n minTtl: 0,\n defaultTtl: 0,\n maxTtl: 2592000,\n pathPattern: \"/files/*\",\n viewerProtocolPolicy: \"allow-all\",\n targetOriginId: gateway.api.output.name\n }\n ],\n origins: [\n {\n domainName: gateway.stage.output.invokeUrl.apply(\n (url: string) => new URL(url).hostname\n ),\n originPath: gateway.stage.output.invokeUrl.apply(\n (url: string) => new URL(url).pathname\n ),\n originId: gateway.api.output.name,\n customOriginConfig: {\n httpPort: 80,\n httpsPort: 443,\n originProtocolPolicy: \"https-only\",\n originSslProtocols: [\"TLSv1.2\"]\n }\n }\n ],\n restrictions: {\n geoRestriction: {\n restrictionType: \"none\"\n }\n },\n viewerCertificate: {\n cloudfrontDefaultCertificate: true\n }\n }\n });\n }\n});\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAEA,IAAAE,WAAA,GAAAF,OAAA;AAIO,MAAMG,aAAa,GAAG,IAAAC,uBAAe,EAAC;EACzCC,IAAI,EAAE,eAAe;EACrBC,MAAMA,CAACC,GAAc,EAAE;IACnB,MAAMC,OAAO,GAAGD,GAAG,CAACE,SAAS,CAACC,sBAAU,CAAC;IAEzC,OAAOH,GAAG,CAACI,WAAW,CAACb,GAAG,CAACc,UAAU,CAACC,YAAY,EAAE;MAChDR,IAAI,EAAE,gBAAgB;MACtBC,MAAM,EAAE;QACJQ,iBAAiB,EAAE,KAAK;QACxBC,aAAa,EAAE,IAAI;QACnBC,OAAO,EAAE,IAAI;QACbC,oBAAoB,EAAE;UAClBC,QAAQ,EAAE,IAAI;UACdC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC;UAC5EC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;UACzCC,eAAe,EAAE;YACbC,OAAO,EAAE;cACLC,OAAO,EAAE;YACb,CAAC;YACDC,OAAO,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;YACtCC,WAAW,EAAE;UACjB,CAAC;UACD;UACAC,MAAM,EAAE,CAAC;UACTC,UAAU,EAAE,CAAC;UACbC,MAAM,EAAE,KAAK;UACbC,cAAc,EAAErB,OAAO,CAACsB,GAAG,CAACC,MAAM,CAAC1B,IAAI;UACvC2B,oBAAoB,EAAE;QAC1B,CAAC;QACDC,qBAAqB,EAAE,CACnB;UACIf,QAAQ,EAAE,IAAI;UACdC,cAAc,EAAE,CACZ,KAAK,EACL,MAAM,EACN,SAAS,EACT,KAAK,EACL,MAAM,EACN,OAAO,EACP,QAAQ,CACX;UACDC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;UACzCC,eAAe,EAAE;YACbC,OAAO,EAAE;cACLC,OAAO,EAAE;YACb,CAAC;YACDC,OAAO,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;YACtCC,WAAW,EAAE;UACjB,CAAC;UACDS,WAAW,EAAE,OAAO;UACpBF,oBAAoB,EAAE,WAAW;UACjCH,cAAc,EAAErB,OAAO,CAACsB,GAAG,CAACC,MAAM,CAAC1B;QACvC,CAAC,EACD;UACIc,cAAc,EAAE,CACZ,KAAK,EACL,MAAM,EACN,SAAS,EACT,KAAK,EACL,MAAM,EACN,OAAO,EACP,QAAQ,CACX;UACDC,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;UACzCC,eAAe,EAAE;YACbC,OAAO,EAAE;cACLC,OAAO,EAAE;YACb,CAAC;YACDC,OAAO,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;YACtCC,WAAW,EAAE;UACjB,CAAC;UACD;UACAC,MAAM,EAAE,CAAC;UACTC,UAAU,EAAE,CAAC;UACbC,MAAM,EAAE,OAAO;UACfM,WAAW,EAAE,UAAU;UACvBF,oBAAoB,EAAE,WAAW;UACjCH,cAAc,EAAErB,OAAO,CAACsB,GAAG,CAACC,MAAM,CAAC1B;QACvC,CAAC,CACJ;QACD8B,OAAO,EAAE,CACL;UACIC,UAAU,EAAE5B,OAAO,CAAC6B,KAAK,CAACN,MAAM,CAACO,SAAS,CAACC,KAAK,CAC3CC,GAAW,IAAK,IAAIC,GAAG,CAACD,GAAG,CAAC,CAACE,QAClC,CAAC;UACDC,UAAU,EAAEnC,OAAO,CAAC6B,KAAK,CAACN,MAAM,CAACO,SAAS,CAACC,KAAK,CAC3CC,GAAW,IAAK,IAAIC,GAAG,CAACD,GAAG,CAAC,CAACI,QAClC,CAAC;UACDC,QAAQ,EAAErC,OAAO,CAACsB,GAAG,CAACC,MAAM,CAAC1B,IAAI;UACjCyC,kBAAkB,EAAE;YAChBC,QAAQ,EAAE,EAAE;YACZC,SAAS,EAAE,GAAG;YACdC,oBAAoB,EAAE,YAAY;YAClCC,kBAAkB,EAAE,CAAC,SAAS;UAClC;QACJ,CAAC,CACJ;QACDC,YAAY,EAAE;UACVC,cAAc,EAAE;YACZC,eAAe,EAAE;UACrB;QACJ,CAAC;QACDC,iBAAiB,EAAE;UACfC,4BAA4B,EAAE;QAClC;MACJ;IACJ,CAAC,CAAC;EACN;AACJ,CAAC,CAAC;AAACC,OAAA,CAAArD,aAAA,GAAAA,aAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["ApiFileManager","createAppModule","name","config","app","core","getModule","CoreOutput","accountId","getAwsAccountId","policy","createFileManagerLambdaPolicy","role","createLambdaRole","output","transform","addResource","aws","lambda","Function","handler","timeout","runtime","memorySize","arn","description","code","pulumi","asset","AssetArchive","FileArchive","path","join","paths","workspace","layers","getLayerArn","environment","variables","getCommonLambdaEnvVariables","apply","value","S3_BUCKET","fileManagerBucketId","vpcConfig","VpcConfig","functionVpcConfig","manage","download","IMAGE_TRANSFORMER_FUNCTION","env","manageS3LambdaPermission","Permission","action","function","principal","sourceArn","interpolate","sourceAccount","opts","dependsOn","bucketNotification","s3","BucketNotification","bucket","lambdaFunctions","lambdaFunctionArn","events","functions","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn"],"sources":["ApiFileManager.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// @ts-ignore\nimport { getLayerArn } from \"@webiny/aws-layers\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"../common\";\nimport { getAwsAccountId } from \"~/apps/awsUtils\";\n\nexport type ApiFileManager = PulumiAppModule<typeof ApiFileManager>;\n\ninterface ApiFileManagerConfig {\n env: Record<string, any>;\n}\n\nexport const ApiFileManager = createAppModule({\n name: \"ApiFileManager\",\n config(app: PulumiApp, config: ApiFileManagerConfig) {\n const core = app.getModule(CoreOutput);\n const accountId = getAwsAccountId(app);\n\n const policy = createFileManagerLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"fm-lambda-role\",\n policy: policy.output\n });\n\n const transform = app.addResource(aws.lambda.Function, {\n name: \"fm-image-transformer\",\n config: {\n handler: \"handler.handler\",\n timeout: 30,\n runtime: \"nodejs14.x\",\n memorySize: 1600,\n role: role.output.arn,\n description: \"Performs image optimization, resizing, etc.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/transform/build\")\n )\n }),\n layers: [getLayerArn(\"sharp\")],\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const manage = app.addResource(aws.lambda.Function, {\n name: \"fm-manage\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n description: \"Triggered when a file is deleted.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/manage/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const download = app.addResource(aws.lambda.Function, {\n name: \"fm-download\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n description: \"Serves previously uploaded files.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/download/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId,\n IMAGE_TRANSFORMER_FUNCTION: transform.output.arn,\n ...config.env\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const manageS3LambdaPermission = app.addResource(aws.lambda.Permission, {\n name: \"fm-manage-s3-lambda-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: manage.output.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,\n sourceAccount: accountId\n },\n opts: {\n dependsOn: [manage.output]\n }\n });\n\n const bucketNotification = app.addResource(aws.s3.BucketNotification, {\n name: \"bucketNotification\",\n config: {\n bucket: core.fileManagerBucketId,\n lambdaFunctions: [\n {\n lambdaFunctionArn: manage.output.arn,\n events: [\"s3:ObjectRemoved:*\"]\n }\n ]\n },\n opts: {\n dependsOn: [manage.output, manageS3LambdaPermission.output]\n }\n });\n\n const functions = {\n transform,\n manage,\n download\n };\n\n return {\n functions,\n bucketNotification\n };\n }\n});\n\nfunction createFileManagerLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"FileManagerLambdaPolicy\",\n config: {\n description: \"This policy enables access to Lambda and S3\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: \"lambda:InvokeFunction\",\n Resource: \"*\"\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:DeleteObject\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`\n ]\n },\n {\n Sid: \"PermissionForDynamoDB\",\n Effect: \"Allow\",\n Action: [\"dynamodb:GetItem\", \"dynamodb:Query\"],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;;AAAA;AACA;AACA;AAGA;AACA;AAEA;AACA;AACA;AANA;;AAcO,MAAMA,cAAc,GAAG,IAAAC,wBAAe,EAAC;EAC1CC,IAAI,EAAE,gBAAgB;EACtBC,MAAM,CAACC,GAAc,EAAED,MAA4B,EAAE;IACjD,MAAME,IAAI,GAAGD,GAAG,CAACE,SAAS,CAACC,kBAAU,CAAC;IACtC,MAAMC,SAAS,GAAG,IAAAC,yBAAe,EAACL,GAAG,CAAC;IAEtC,MAAMM,MAAM,GAAGC,6BAA6B,CAACP,GAAG,CAAC;IACjD,MAAMQ,IAAI,GAAG,IAAAC,6BAAgB,EAACT,GAAG,EAAE;MAC/BF,IAAI,EAAE,gBAAgB;MACtBQ,MAAM,EAAEA,MAAM,CAACI;IACnB,CAAC,CAAC;IAEF,MAAMC,SAAS,GAAGX,GAAG,CAACY,WAAW,CAACC,GAAG,CAACC,MAAM,CAACC,QAAQ,EAAE;MACnDjB,IAAI,EAAE,sBAAsB;MAC5BC,MAAM,EAAE;QACJiB,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,EAAE;QACXC,OAAO,EAAE,YAAY;QACrBC,UAAU,EAAE,IAAI;QAChBX,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACU,GAAG;QACrBC,WAAW,EAAE,6CAA6C;QAC1DC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAIF,MAAM,CAACC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAAC5B,GAAG,CAAC6B,KAAK,CAACC,SAAS,EAAE,6BAA6B,CAAC;QAErE,CAAC,CAAC;QACFC,MAAM,EAAE,CAAC,IAAAC,sBAAW,EAAC,OAAO,CAAC,CAAC;QAC9BC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,GAAE,CAACC,KAAK,CAACC,KAAK,gEAC7CA,KAAK;YACRC,SAAS,EAAErC,IAAI,CAACsC;UAAmB,EACrC;QACN,CAAC;QACDC,SAAS,EAAExC,GAAG,CAACE,SAAS,CAACuC,iBAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IAEF,MAAMC,MAAM,GAAG3C,GAAG,CAACY,WAAW,CAACC,GAAG,CAACC,MAAM,CAACC,QAAQ,EAAE;MAChDjB,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE;QACJS,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACU,GAAG;QACrBF,OAAO,EAAE,YAAY;QACrBF,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,EAAE;QACXE,UAAU,EAAE,GAAG;QACfE,WAAW,EAAE,mCAAmC;QAChDC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAIF,MAAM,CAACC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAAC5B,GAAG,CAAC6B,KAAK,CAACC,SAAS,EAAE,0BAA0B,CAAC;QAElE,CAAC,CAAC;QACFG,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,GAAE,CAACC,KAAK,CAACC,KAAK,gEAC7CA,KAAK;YACRC,SAAS,EAAErC,IAAI,CAACsC;UAAmB,EACrC;QACN,CAAC;QACDC,SAAS,EAAExC,GAAG,CAACE,SAAS,CAACuC,iBAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IAEF,MAAME,QAAQ,GAAG5C,GAAG,CAACY,WAAW,CAACC,GAAG,CAACC,MAAM,CAACC,QAAQ,EAAE;MAClDjB,IAAI,EAAE,aAAa;MACnBC,MAAM,EAAE;QACJS,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACU,GAAG;QACrBF,OAAO,EAAE,YAAY;QACrBF,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,EAAE;QACXE,UAAU,EAAE,GAAG;QACfE,WAAW,EAAE,mCAAmC;QAChDC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAIF,MAAM,CAACC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAAC5B,GAAG,CAAC6B,KAAK,CAACC,SAAS,EAAE,4BAA4B,CAAC;QAEpE,CAAC,CAAC;QACFG,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,GAAE,CAACC,KAAK,CAACC,KAAK,gEAC7CA,KAAK;YACRC,SAAS,EAAErC,IAAI,CAACsC,mBAAmB;YACnCM,0BAA0B,EAAElC,SAAS,CAACD,MAAM,CAACU;UAAG,GAC7CrB,MAAM,CAAC+C,GAAG,CACf;QACN,CAAC;QACDN,SAAS,EAAExC,GAAG,CAACE,SAAS,CAACuC,iBAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IAEF,MAAMK,wBAAwB,GAAG/C,GAAG,CAACY,WAAW,CAACC,GAAG,CAACC,MAAM,CAACkC,UAAU,EAAE;MACpElD,IAAI,EAAE,gCAAgC;MACtCC,MAAM,EAAE;QACJkD,MAAM,EAAE,uBAAuB;QAC/BC,QAAQ,EAAEP,MAAM,CAACjC,MAAM,CAACU,GAAG;QAC3B+B,SAAS,EAAE,kBAAkB;QAC7BC,SAAS,EAAE7B,MAAM,CAAC8B,WAAY,gBAAepD,IAAI,CAACsC,mBAAoB,EAAC;QACvEe,aAAa,EAAElD;MACnB,CAAC;MACDmD,IAAI,EAAE;QACFC,SAAS,EAAE,CAACb,MAAM,CAACjC,MAAM;MAC7B;IACJ,CAAC,CAAC;IAEF,MAAM+C,kBAAkB,GAAGzD,GAAG,CAACY,WAAW,CAACC,GAAG,CAAC6C,EAAE,CAACC,kBAAkB,EAAE;MAClE7D,IAAI,EAAE,oBAAoB;MAC1BC,MAAM,EAAE;QACJ6D,MAAM,EAAE3D,IAAI,CAACsC,mBAAmB;QAChCsB,eAAe,EAAE,CACb;UACIC,iBAAiB,EAAEnB,MAAM,CAACjC,MAAM,CAACU,GAAG;UACpC2C,MAAM,EAAE,CAAC,oBAAoB;QACjC,CAAC;MAET,CAAC;MACDR,IAAI,EAAE;QACFC,SAAS,EAAE,CAACb,MAAM,CAACjC,MAAM,EAAEqC,wBAAwB,CAACrC,MAAM;MAC9D;IACJ,CAAC,CAAC;IAEF,MAAMsD,SAAS,GAAG;MACdrD,SAAS;MACTgC,MAAM;MACNC;IACJ,CAAC;IAED,OAAO;MACHoB,SAAS;MACTP;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAAC;AAEH,SAASlD,6BAA6B,CAACP,GAAc,EAAE;EACnD,MAAMC,IAAI,GAAGD,GAAG,CAACE,SAAS,CAACC,kBAAU,CAAC;EAEtC,OAAOH,GAAG,CAACY,WAAW,CAACC,GAAG,CAACoD,GAAG,CAACC,MAAM,EAAE;IACnCpE,IAAI,EAAE,yBAAyB;IAC/BC,MAAM,EAAE;MACJsB,WAAW,EAAE,6CAA6C;MAC1Df,MAAM,EAAE;QACJ6D,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,qBAAqB;UAC1BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,uBAAuB;UAC/BC,QAAQ,EAAE;QACd,CAAC,EACD;UACIH,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;UACDC,QAAQ,EAAE,CACNjD,MAAM,CAAC8B,WAAY,gBAAepD,IAAI,CAACsC,mBAAoB,EAAC,EAC5DhB,MAAM,CAAC8B,WAAY,gBAAepD,IAAI,CAACsC,mBAAoB,IAAG;QAEtE,CAAC,EACD;UACI8B,GAAG,EAAE,uBAAuB;UAC5BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,CAAC;UAC9CC,QAAQ,EAAE,CACNjD,MAAM,CAAC8B,WAAY,GAAEpD,IAAI,CAACwE,uBAAwB,EAAC,EACnDlD,MAAM,CAAC8B,WAAY,GAAEpD,IAAI,CAACwE,uBAAwB,IAAG;QAE7D,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN"}
|
|
1
|
+
{"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","_awsLayers","_pulumi2","_lambdaUtils","_common","_awsUtils","ApiFileManager","createAppModule","name","config","app","core","getModule","CoreOutput","accountId","getAwsAccountId","policy","createFileManagerLambdaPolicy","role","createLambdaRole","output","transform","addResource","lambda","Function","handler","timeout","runtime","memorySize","arn","description","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","layers","getLayerArn","environment","variables","getCommonLambdaEnvVariables","apply","value","_objectSpread2","default","S3_BUCKET","fileManagerBucketId","vpcConfig","VpcConfig","functionVpcConfig","manage","download","IMAGE_TRANSFORMER_FUNCTION","env","manageS3LambdaPermission","Permission","action","function","principal","sourceArn","interpolate","sourceAccount","opts","dependsOn","bucketNotification","s3","BucketNotification","bucket","lambdaFunctions","lambdaFunctionArn","events","functions","exports","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn"],"sources":["ApiFileManager.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// @ts-ignore\nimport { getLayerArn } from \"@webiny/aws-layers\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"../common\";\nimport { getAwsAccountId } from \"~/apps/awsUtils\";\n\nexport type ApiFileManager = PulumiAppModule<typeof ApiFileManager>;\n\ninterface ApiFileManagerConfig {\n env: Record<string, any>;\n}\n\nexport const ApiFileManager = createAppModule({\n name: \"ApiFileManager\",\n config(app: PulumiApp, config: ApiFileManagerConfig) {\n const core = app.getModule(CoreOutput);\n const accountId = getAwsAccountId(app);\n\n const policy = createFileManagerLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"fm-lambda-role\",\n policy: policy.output\n });\n\n const transform = app.addResource(aws.lambda.Function, {\n name: \"fm-image-transformer\",\n config: {\n handler: \"handler.handler\",\n timeout: 30,\n runtime: \"nodejs14.x\",\n memorySize: 1600,\n role: role.output.arn,\n description: \"Performs image optimization, resizing, etc.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/transform/build\")\n )\n }),\n layers: [getLayerArn(\"sharp\")],\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const manage = app.addResource(aws.lambda.Function, {\n name: \"fm-manage\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n description: \"Triggered when a file is deleted.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/manage/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const download = app.addResource(aws.lambda.Function, {\n name: \"fm-download\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 30,\n memorySize: 512,\n description: \"Serves previously uploaded files.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"fileManager/download/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n S3_BUCKET: core.fileManagerBucketId,\n IMAGE_TRANSFORMER_FUNCTION: transform.output.arn,\n ...config.env\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n const manageS3LambdaPermission = app.addResource(aws.lambda.Permission, {\n name: \"fm-manage-s3-lambda-permission\",\n config: {\n action: \"lambda:InvokeFunction\",\n function: manage.output.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,\n sourceAccount: accountId\n },\n opts: {\n dependsOn: [manage.output]\n }\n });\n\n const bucketNotification = app.addResource(aws.s3.BucketNotification, {\n name: \"bucketNotification\",\n config: {\n bucket: core.fileManagerBucketId,\n lambdaFunctions: [\n {\n lambdaFunctionArn: manage.output.arn,\n events: [\"s3:ObjectRemoved:*\"]\n }\n ]\n },\n opts: {\n dependsOn: [manage.output, manageS3LambdaPermission.output]\n }\n });\n\n const functions = {\n transform,\n manage,\n download\n };\n\n return {\n functions,\n bucketNotification\n };\n }\n});\n\nfunction createFileManagerLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n\n return app.addResource(aws.iam.Policy, {\n name: \"FileManagerLambdaPolicy\",\n config: {\n description: \"This policy enables access to Lambda and S3\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: \"lambda:InvokeFunction\",\n Resource: \"*\"\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:DeleteObject\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`,\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`\n ]\n },\n {\n Sid: \"PermissionForDynamoDB\",\n Effect: \"Allow\",\n Action: [\"dynamodb:GetItem\", \"dynamodb:Query\"],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n }\n ]\n }\n }\n });\n}\n"],"mappings":";;;;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AAGA,IAAAI,UAAA,GAAAJ,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AAEA,IAAAM,YAAA,GAAAN,OAAA;AACA,IAAAO,OAAA,GAAAP,OAAA;AACA,IAAAQ,SAAA,GAAAR,OAAA;AANA;;AAcO,MAAMS,cAAc,GAAG,IAAAC,wBAAe,EAAC;EAC1CC,IAAI,EAAE,gBAAgB;EACtBC,MAAMA,CAACC,GAAc,EAAED,MAA4B,EAAE;IACjD,MAAME,IAAI,GAAGD,GAAG,CAACE,SAAS,CAACC,kBAAU,CAAC;IACtC,MAAMC,SAAS,GAAG,IAAAC,yBAAe,EAACL,GAAG,CAAC;IAEtC,MAAMM,MAAM,GAAGC,6BAA6B,CAACP,GAAG,CAAC;IACjD,MAAMQ,IAAI,GAAG,IAAAC,6BAAgB,EAACT,GAAG,EAAE;MAC/BF,IAAI,EAAE,gBAAgB;MACtBQ,MAAM,EAAEA,MAAM,CAACI;IACnB,CAAC,CAAC;IAEF,MAAMC,SAAS,GAAGX,GAAG,CAACY,WAAW,CAACtB,GAAG,CAACuB,MAAM,CAACC,QAAQ,EAAE;MACnDhB,IAAI,EAAE,sBAAsB;MAC5BC,MAAM,EAAE;QACJgB,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,EAAE;QACXC,OAAO,EAAE,YAAY;QACrBC,UAAU,EAAE,IAAI;QAChBV,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACS,GAAG;QACrBC,WAAW,EAAE,6CAA6C;QAC1DC,IAAI,EAAE,IAAIjC,MAAM,CAACkC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAInC,MAAM,CAACkC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAAC1B,GAAG,CAAC2B,KAAK,CAACC,SAAS,EAAE,6BAA6B,CAChE;QACJ,CAAC,CAAC;QACFC,MAAM,EAAE,CAAC,IAAAC,sBAAW,EAAC,OAAO,CAAC,CAAC;QAC9BC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,QAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAC7CF,KAAK;YACRG,SAAS,EAAErC,IAAI,CAACsC;UAAmB,EACrC;QACN,CAAC;QACDC,SAAS,EAAExC,GAAG,CAACE,SAAS,CAACuC,iBAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IAEF,MAAMC,MAAM,GAAG3C,GAAG,CAACY,WAAW,CAACtB,GAAG,CAACuB,MAAM,CAACC,QAAQ,EAAE;MAChDhB,IAAI,EAAE,WAAW;MACjBC,MAAM,EAAE;QACJS,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACS,GAAG;QACrBF,OAAO,EAAE,YAAY;QACrBF,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,EAAE;QACXE,UAAU,EAAE,GAAG;QACfE,WAAW,EAAE,mCAAmC;QAChDC,IAAI,EAAE,IAAIjC,MAAM,CAACkC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAInC,MAAM,CAACkC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAAC1B,GAAG,CAAC2B,KAAK,CAACC,SAAS,EAAE,0BAA0B,CAC7D;QACJ,CAAC,CAAC;QACFG,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,QAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAC7CF,KAAK;YACRG,SAAS,EAAErC,IAAI,CAACsC;UAAmB,EACrC;QACN,CAAC;QACDC,SAAS,EAAExC,GAAG,CAACE,SAAS,CAACuC,iBAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IAEF,MAAME,QAAQ,GAAG5C,GAAG,CAACY,WAAW,CAACtB,GAAG,CAACuB,MAAM,CAACC,QAAQ,EAAE;MAClDhB,IAAI,EAAE,aAAa;MACnBC,MAAM,EAAE;QACJS,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACS,GAAG;QACrBF,OAAO,EAAE,YAAY;QACrBF,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,EAAE;QACXE,UAAU,EAAE,GAAG;QACfE,WAAW,EAAE,mCAAmC;QAChDC,IAAI,EAAE,IAAIjC,MAAM,CAACkC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAInC,MAAM,CAACkC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAAC1B,GAAG,CAAC2B,KAAK,CAACC,SAAS,EAAE,4BAA4B,CAC/D;QACJ,CAAC,CAAC;QACFG,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,QAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAC7CF,KAAK;YACRG,SAAS,EAAErC,IAAI,CAACsC,mBAAmB;YACnCM,0BAA0B,EAAElC,SAAS,CAACD,MAAM,CAACS;UAAG,GAC7CpB,MAAM,CAAC+C,GAAG,CACf;QACN,CAAC;QACDN,SAAS,EAAExC,GAAG,CAACE,SAAS,CAACuC,iBAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IAEF,MAAMK,wBAAwB,GAAG/C,GAAG,CAACY,WAAW,CAACtB,GAAG,CAACuB,MAAM,CAACmC,UAAU,EAAE;MACpElD,IAAI,EAAE,gCAAgC;MACtCC,MAAM,EAAE;QACJkD,MAAM,EAAE,uBAAuB;QAC/BC,QAAQ,EAAEP,MAAM,CAACjC,MAAM,CAACS,GAAG;QAC3BgC,SAAS,EAAE,kBAAkB;QAC7BC,SAAS,EAAEhE,MAAM,CAACiE,WAAY,gBAAepD,IAAI,CAACsC,mBAAoB,EAAC;QACvEe,aAAa,EAAElD;MACnB,CAAC;MACDmD,IAAI,EAAE;QACFC,SAAS,EAAE,CAACb,MAAM,CAACjC,MAAM;MAC7B;IACJ,CAAC,CAAC;IAEF,MAAM+C,kBAAkB,GAAGzD,GAAG,CAACY,WAAW,CAACtB,GAAG,CAACoE,EAAE,CAACC,kBAAkB,EAAE;MAClE7D,IAAI,EAAE,oBAAoB;MAC1BC,MAAM,EAAE;QACJ6D,MAAM,EAAE3D,IAAI,CAACsC,mBAAmB;QAChCsB,eAAe,EAAE,CACb;UACIC,iBAAiB,EAAEnB,MAAM,CAACjC,MAAM,CAACS,GAAG;UACpC4C,MAAM,EAAE,CAAC,oBAAoB;QACjC,CAAC;MAET,CAAC;MACDR,IAAI,EAAE;QACFC,SAAS,EAAE,CAACb,MAAM,CAACjC,MAAM,EAAEqC,wBAAwB,CAACrC,MAAM;MAC9D;IACJ,CAAC,CAAC;IAEF,MAAMsD,SAAS,GAAG;MACdrD,SAAS;MACTgC,MAAM;MACNC;IACJ,CAAC;IAED,OAAO;MACHoB,SAAS;MACTP;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAACQ,OAAA,CAAArE,cAAA,GAAAA,cAAA;AAEH,SAASW,6BAA6BA,CAACP,GAAc,EAAE;EACnD,MAAMC,IAAI,GAAGD,GAAG,CAACE,SAAS,CAACC,kBAAU,CAAC;EAEtC,OAAOH,GAAG,CAACY,WAAW,CAACtB,GAAG,CAAC4E,GAAG,CAACC,MAAM,EAAE;IACnCrE,IAAI,EAAE,yBAAyB;IAC/BC,MAAM,EAAE;MACJqB,WAAW,EAAE,6CAA6C;MAC1Dd,MAAM,EAAE;QACJ8D,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,qBAAqB;UAC1BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,uBAAuB;UAC/BC,QAAQ,EAAE;QACd,CAAC,EACD;UACIH,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;UACDC,QAAQ,EAAE,CACNrF,MAAM,CAACiE,WAAY,gBAAepD,IAAI,CAACsC,mBAAoB,EAAC,EAC5DnD,MAAM,CAACiE,WAAY,gBAAepD,IAAI,CAACsC,mBAAoB,IAAG;QAEtE,CAAC,EACD;UACI+B,GAAG,EAAE,uBAAuB;UAC5BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,CAAC;UAC9CC,QAAQ,EAAE,CACNrF,MAAM,CAACiE,WAAY,GAAEpD,IAAI,CAACyE,uBAAwB,EAAC,EACnDtF,MAAM,CAACiE,WAAY,GAAEpD,IAAI,CAACyE,uBAAwB,IAAG;QAE7D,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["ApiGateway","createAppModule","name","config","app","routesConfig","api","addResource","
|
|
1
|
+
{"version":3,"names":["aws","_interopRequireWildcard","require","_pulumi","ApiGateway","createAppModule","name","config","app","routesConfig","api","addResource","apigatewayv2","Api","protocolType","description","stage","Stage","apiId","output","id","autoDeploy","routes","Object","keys","addRoute","params","route","createRoute","exports","integration","Integration","integrationType","integrationMethod","method","integrationUri","function","passthroughBehavior","Route","routeKey","path","target","apply","value","permission","lambda","Permission","action","principal","sourceArn","executionArn","arn"],"sources":["ApiGateway.ts"],"sourcesContent":["import * as aws from \"@pulumi/aws\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nexport interface ApiRouteParams {\n path: pulumi.Input<string>;\n method: pulumi.Input<string>;\n function: pulumi.Input<string>;\n}\n\nexport type ApiGateway = PulumiAppModule<typeof ApiGateway>;\n\nexport const ApiGateway = createAppModule({\n name: \"ApiGateway\",\n config(app: PulumiApp, routesConfig: Record<string, ApiRouteParams>) {\n const api = app.addResource(aws.apigatewayv2.Api, {\n name: \"api-gateway\",\n config: {\n protocolType: \"HTTP\",\n description: \"Main API gateway\"\n }\n });\n\n const stage = app.addResource(aws.apigatewayv2.Stage, {\n name: \"default\",\n config: {\n apiId: api.output.id,\n autoDeploy: true\n }\n });\n\n const routes: Record<string, ReturnType<typeof createRoute>> = {};\n\n for (const name of Object.keys(routesConfig)) {\n addRoute(name, routesConfig[name]);\n }\n\n return {\n api,\n stage,\n routes,\n addRoute\n };\n\n function addRoute(name: string, params: ApiRouteParams) {\n const route = createRoute(app, api.output, name, params);\n routes[name] = route;\n }\n }\n});\n\nfunction createRoute(\n app: PulumiApp,\n api: pulumi.Output<aws.apigatewayv2.Api>,\n name: string,\n params: ApiRouteParams\n) {\n const integration = app.addResource(aws.apigatewayv2.Integration, {\n name: name,\n config: {\n description: \"GraphQL API Integration\",\n apiId: api.id,\n integrationType: \"AWS_PROXY\",\n integrationMethod: params.method,\n integrationUri: params.function,\n passthroughBehavior: \"WHEN_NO_MATCH\"\n }\n });\n\n const route = app.addResource(aws.apigatewayv2.Route, {\n name: name,\n config: {\n apiId: api.id,\n routeKey: `${params.method} ${params.path}`,\n target: integration.output.id.apply(value => `integrations/${value}`)\n }\n });\n\n const permission = app.addResource(aws.lambda.Permission, {\n name: `allow-${name}`,\n config: {\n action: \"lambda:InvokeFunction\",\n function: params.function,\n principal: \"apigateway.amazonaws.com\",\n sourceArn: api.executionArn.apply(arn => `${arn}/*/*${params.path}`)\n }\n });\n\n return {\n integration,\n route,\n permission\n };\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAD,OAAA;AAUO,MAAME,UAAU,GAAG,IAAAC,uBAAe,EAAC;EACtCC,IAAI,EAAE,YAAY;EAClBC,MAAMA,CAACC,GAAc,EAAEC,YAA4C,EAAE;IACjE,MAAMC,GAAG,GAAGF,GAAG,CAACG,WAAW,CAACX,GAAG,CAACY,YAAY,CAACC,GAAG,EAAE;MAC9CP,IAAI,EAAE,aAAa;MACnBC,MAAM,EAAE;QACJO,YAAY,EAAE,MAAM;QACpBC,WAAW,EAAE;MACjB;IACJ,CAAC,CAAC;IAEF,MAAMC,KAAK,GAAGR,GAAG,CAACG,WAAW,CAACX,GAAG,CAACY,YAAY,CAACK,KAAK,EAAE;MAClDX,IAAI,EAAE,SAAS;MACfC,MAAM,EAAE;QACJW,KAAK,EAAER,GAAG,CAACS,MAAM,CAACC,EAAE;QACpBC,UAAU,EAAE;MAChB;IACJ,CAAC,CAAC;IAEF,MAAMC,MAAsD,GAAG,CAAC,CAAC;IAEjE,KAAK,MAAMhB,IAAI,IAAIiB,MAAM,CAACC,IAAI,CAACf,YAAY,CAAC,EAAE;MAC1CgB,QAAQ,CAACnB,IAAI,EAAEG,YAAY,CAACH,IAAI,CAAC,CAAC;IACtC;IAEA,OAAO;MACHI,GAAG;MACHM,KAAK;MACLM,MAAM;MACNG;IACJ,CAAC;IAED,SAASA,QAAQA,CAACnB,IAAY,EAAEoB,MAAsB,EAAE;MACpD,MAAMC,KAAK,GAAGC,WAAW,CAACpB,GAAG,EAAEE,GAAG,CAACS,MAAM,EAAEb,IAAI,EAAEoB,MAAM,CAAC;MACxDJ,MAAM,CAAChB,IAAI,CAAC,GAAGqB,KAAK;IACxB;EACJ;AACJ,CAAC,CAAC;AAACE,OAAA,CAAAzB,UAAA,GAAAA,UAAA;AAEH,SAASwB,WAAWA,CAChBpB,GAAc,EACdE,GAAwC,EACxCJ,IAAY,EACZoB,MAAsB,EACxB;EACE,MAAMI,WAAW,GAAGtB,GAAG,CAACG,WAAW,CAACX,GAAG,CAACY,YAAY,CAACmB,WAAW,EAAE;IAC9DzB,IAAI,EAAEA,IAAI;IACVC,MAAM,EAAE;MACJQ,WAAW,EAAE,yBAAyB;MACtCG,KAAK,EAAER,GAAG,CAACU,EAAE;MACbY,eAAe,EAAE,WAAW;MAC5BC,iBAAiB,EAAEP,MAAM,CAACQ,MAAM;MAChCC,cAAc,EAAET,MAAM,CAACU,QAAQ;MAC/BC,mBAAmB,EAAE;IACzB;EACJ,CAAC,CAAC;EAEF,MAAMV,KAAK,GAAGnB,GAAG,CAACG,WAAW,CAACX,GAAG,CAACY,YAAY,CAAC0B,KAAK,EAAE;IAClDhC,IAAI,EAAEA,IAAI;IACVC,MAAM,EAAE;MACJW,KAAK,EAAER,GAAG,CAACU,EAAE;MACbmB,QAAQ,EAAG,GAAEb,MAAM,CAACQ,MAAO,IAAGR,MAAM,CAACc,IAAK,EAAC;MAC3CC,MAAM,EAAEX,WAAW,CAACX,MAAM,CAACC,EAAE,CAACsB,KAAK,CAACC,KAAK,IAAK,gBAAeA,KAAM,EAAC;IACxE;EACJ,CAAC,CAAC;EAEF,MAAMC,UAAU,GAAGpC,GAAG,CAACG,WAAW,CAACX,GAAG,CAAC6C,MAAM,CAACC,UAAU,EAAE;IACtDxC,IAAI,EAAG,SAAQA,IAAK,EAAC;IACrBC,MAAM,EAAE;MACJwC,MAAM,EAAE,uBAAuB;MAC/BX,QAAQ,EAAEV,MAAM,CAACU,QAAQ;MACzBY,SAAS,EAAE,0BAA0B;MACrCC,SAAS,EAAEvC,GAAG,CAACwC,YAAY,CAACR,KAAK,CAACS,GAAG,IAAK,GAAEA,GAAI,OAAMzB,MAAM,CAACc,IAAK,EAAC;IACvE;EACJ,CAAC,CAAC;EAEF,OAAO;IACHV,WAAW;IACXH,KAAK;IACLiB;EACJ,CAAC;AACL"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["ApiGraphql","createAppModule","name","config","app","params","core","getModule","CoreOutput","policy","createGraphqlLambdaPolicy","role","createLambdaRole","output","graphql","addResource","aws","lambda","Function","runtime","handler","arn","timeout","memorySize","code","pulumi","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","AWS_NODEJS_CONNECTION_REUSE_ENABLED","vpcConfig","VpcConfig","functionVpcConfig","dynamodb","TableItem","tableName","primaryDynamodbTableName","hashKey","primaryDynamodbTableHashKey","rangeKey","primaryDynamodbTableRangeKey","key","item","interpolate","run","variant","apwSchedulerEventRule","apwSchedulerEventTarget","targetId","functions","addRoute","routeParams","apiGateway","resources","console","log","kebabName","toKebabCase","method","function","coreOutput","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","iam","Policy","description","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn","elasticsearchDynamodbTableArn","fileManagerBucketId","cognitoUserPoolArn","eventBusArn","elasticsearchDomainArn"],"sources":["ApiGraphql.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport toKebabCase from \"lodash/kebabCase\";\n\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"~/apps\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\n\ninterface GraphqlParams {\n env: Record<string, any>;\n apwSchedulerEventRule: pulumi.Output<aws.cloudwatch.EventRule>;\n apwSchedulerEventTarget: pulumi.Output<aws.cloudwatch.EventTarget>;\n}\n\nexport interface AddRouteParams {\n /**\n * Must be in kebab case (a-z and -)\n */\n name: string;\n path: `/${string}`;\n method: \"DELETE\" | \"GET\" | \"HEAD\" | \"PATCH\" | \"POST\" | \"PUT\" | \"OPTIONS\" | \"ANY\";\n}\n\nexport type ApiGraphql = PulumiAppModule<typeof ApiGraphql>;\n\nexport const ApiGraphql = createAppModule({\n name: \"ApiGraphql\",\n config(app: PulumiApp, params: GraphqlParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createGraphqlLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"api-lambda-role\",\n policy: policy.output\n });\n\n const graphql = app.addResource(aws.lambda.Function, {\n name: \"graphql\",\n config: {\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n role: role.output.arn,\n timeout: 30,\n memorySize: 512,\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"graphql/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n AWS_NODEJS_CONNECTION_REUSE_ENABLED: \"1\"\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n /**\n * Store meta information like \"mainGraphqlFunctionArn\" in APW settings at deploy time.\n *\n * Note: We can't pass \"mainGraphqlFunctionArn\" as env variable due to circular dependency between\n * \"graphql\" lambda and \"api-apw-scheduler-execute-action\" lambda.\n */\n app.addResource(aws.dynamodb.TableItem, {\n name: \"apwSettings\",\n config: {\n tableName: core.primaryDynamodbTableName,\n hashKey: core.primaryDynamodbTableHashKey,\n rangeKey: pulumi\n .output(core.primaryDynamodbTableRangeKey)\n .apply(key => key || \"SK\"),\n item: pulumi.interpolate`{\n \"PK\": {\"S\": \"APW#SETTINGS\"},\n \"SK\": {\"S\": \"${app.params.run.variant || \"default\"}\"},\n \"mainGraphqlFunctionArn\": {\"S\": \"${graphql.output.arn}\"},\n \"eventRuleName\": {\"S\": \"${params.apwSchedulerEventRule.name}\"},\n \"eventTargetId\": {\"S\": \"${params.apwSchedulerEventTarget.targetId}\"}\n }`\n }\n });\n\n return {\n role,\n policy,\n functions: {\n graphql\n },\n addRoute: (routeParams: AddRouteParams) => {\n const apiGateway: any = app.resources.apiGateway;\n if (!apiGateway) {\n console.log(\n \"Could not add route because there is no apiGateway in the resources.\"\n );\n return;\n }\n const kebabName = toKebabCase(routeParams.name);\n if (kebabName !== routeParams.name) {\n console.log(`Route name is not allowed: \"${routeParams.name}\".`);\n return;\n }\n return apiGateway.addRoute(routeParams.name, {\n path: routeParams.path,\n method: routeParams.method,\n function: graphql.output.arn\n });\n }\n };\n }\n});\n\nfunction createGraphqlLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApiGraphqlLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:ConditionCheckItem\",\n \"dynamodb:CreateBackup\",\n \"dynamodb:CreateTable\",\n \"dynamodb:CreateTableReplica\",\n \"dynamodb:DeleteBackup\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:DeleteTable\",\n \"dynamodb:DeleteTableReplica\",\n \"dynamodb:DescribeBackup\",\n \"dynamodb:DescribeContinuousBackups\",\n \"dynamodb:DescribeContributorInsights\",\n \"dynamodb:DescribeExport\",\n \"dynamodb:DescribeKinesisStreamingDestination\",\n \"dynamodb:DescribeLimits\",\n \"dynamodb:DescribeReservedCapacity\",\n \"dynamodb:DescribeReservedCapacityOfferings\",\n \"dynamodb:DescribeStream\",\n \"dynamodb:DescribeTable\",\n \"dynamodb:DescribeTableReplicaAutoScaling\",\n \"dynamodb:DescribeTimeToLive\",\n \"dynamodb:DisableKinesisStreamingDestination\",\n \"dynamodb:EnableKinesisStreamingDestination\",\n \"dynamodb:ExportTableToPointInTime\",\n \"dynamodb:GetItem\",\n \"dynamodb:GetRecords\",\n \"dynamodb:GetShardIterator\",\n \"dynamodb:ListBackups\",\n \"dynamodb:ListContributorInsights\",\n \"dynamodb:ListExports\",\n \"dynamodb:ListStreams\",\n \"dynamodb:ListTables\",\n \"dynamodb:ListTagsOfResource\",\n \"dynamodb:PartiQLDelete\",\n \"dynamodb:PartiQLInsert\",\n \"dynamodb:PartiQLSelect\",\n \"dynamodb:PartiQLUpdate\",\n \"dynamodb:PurchaseReservedCapacityOfferings\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:RestoreTableFromBackup\",\n \"dynamodb:RestoreTableToPointInTime\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateContinuousBackups\",\n \"dynamodb:UpdateContributorInsights\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:UpdateTable\",\n \"dynamodb:UpdateTableReplicaAutoScaling\",\n \"dynamodb:UpdateTimeToLive\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\"\n ],\n Resource: `arn:aws:s3:::${core.fileManagerBucketId}/*`\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n {\n Sid: \"PermissionForEventBus\",\n Effect: \"Allow\",\n Action: \"events:PutEvents\",\n Resource: core.eventBusArn\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(core.elasticsearchDomainArn\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n `${core.elasticsearchDomainArn}`,\n `${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;;AAAA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AAmBO,MAAMA,UAAU,GAAG,IAAAC,wBAAe,EAAC;EACtCC,IAAI,EAAE,YAAY;EAClBC,MAAM,CAACC,GAAc,EAAEC,MAAqB,EAAE;IAC1C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,YAAU,CAAC;IAEtC,MAAMC,MAAM,GAAGC,yBAAyB,CAACN,GAAG,CAAC;IAC7C,MAAMO,IAAI,GAAG,IAAAC,6BAAgB,EAACR,GAAG,EAAE;MAC/BF,IAAI,EAAE,iBAAiB;MACvBO,MAAM,EAAEA,MAAM,CAACI;IACnB,CAAC,CAAC;IAEF,MAAMC,OAAO,GAAGV,GAAG,CAACW,WAAW,CAACC,GAAG,CAACC,MAAM,CAACC,QAAQ,EAAE;MACjDhB,IAAI,EAAE,SAAS;MACfC,MAAM,EAAE;QACJgB,OAAO,EAAE,YAAY;QACrBC,OAAO,EAAE,iBAAiB;QAC1BT,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACQ,GAAG;QACrBC,OAAO,EAAE,EAAE;QACXC,UAAU,EAAE,GAAG;QACfC,IAAI,EAAE,IAAIC,MAAM,CAACC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAIF,MAAM,CAACC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAAC1B,GAAG,CAAC2B,KAAK,CAACC,SAAS,EAAE,eAAe,CAAC;QAEvD,CAAC,CAAC;QACFC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,GAAE,CAACC,KAAK,CAACC,KAAK,4FAC7CA,KAAK,GACLhC,MAAM,CAACiC,GAAG;YACbC,mCAAmC,EAAE;UAAG,EAC1C;QACN,CAAC;QACDC,SAAS,EAAEpC,GAAG,CAACG,SAAS,CAACkC,WAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IACF;AACR;AACA;AACA;AACA;AACA;IACQtC,GAAG,CAACW,WAAW,CAACC,GAAG,CAAC2B,QAAQ,CAACC,SAAS,EAAE;MACpC1C,IAAI,EAAE,aAAa;MACnBC,MAAM,EAAE;QACJ0C,SAAS,EAAEvC,IAAI,CAACwC,wBAAwB;QACxCC,OAAO,EAAEzC,IAAI,CAAC0C,2BAA2B;QACzCC,QAAQ,EAAExB,MAAM,CACXZ,MAAM,CAACP,IAAI,CAAC4C,4BAA4B,CAAC,CACzCd,KAAK,CAACe,GAAG,IAAIA,GAAG,IAAI,IAAI,CAAC;QAC9BC,IAAI,EAAE3B,MAAM,CAAC4B,WAAY;AACzC;AACA,6BAA6BjD,GAAG,CAACC,MAAM,CAACiD,GAAG,CAACC,OAAO,IAAI,SAAU;AACjE,iDAAiDzC,OAAO,CAACD,MAAM,CAACQ,GAAI;AACpE,wCAAwChB,MAAM,CAACmD,qBAAqB,CAACtD,IAAK;AAC1E,wCAAwCG,MAAM,CAACoD,uBAAuB,CAACC,QAAS;AAChF;MACY;IACJ,CAAC,CAAC;IAEF,OAAO;MACH/C,IAAI;MACJF,MAAM;MACNkD,SAAS,EAAE;QACP7C;MACJ,CAAC;MACD8C,QAAQ,EAAGC,WAA2B,IAAK;QACvC,MAAMC,UAAe,GAAG1D,GAAG,CAAC2D,SAAS,CAACD,UAAU;QAChD,IAAI,CAACA,UAAU,EAAE;UACbE,OAAO,CAACC,GAAG,CACP,sEAAsE,CACzE;UACD;QACJ;QACA,MAAMC,SAAS,GAAG,IAAAC,kBAAW,EAACN,WAAW,CAAC3D,IAAI,CAAC;QAC/C,IAAIgE,SAAS,KAAKL,WAAW,CAAC3D,IAAI,EAAE;UAChC8D,OAAO,CAACC,GAAG,CAAE,+BAA8BJ,WAAW,CAAC3D,IAAK,IAAG,CAAC;UAChE;QACJ;QACA,OAAO4D,UAAU,CAACF,QAAQ,CAACC,WAAW,CAAC3D,IAAI,EAAE;UACzC2B,IAAI,EAAEgC,WAAW,CAAChC,IAAI;UACtBuC,MAAM,EAAEP,WAAW,CAACO,MAAM;UAC1BC,QAAQ,EAAEvD,OAAO,CAACD,MAAM,CAACQ;QAC7B,CAAC,CAAC;MACN;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAAC;AAEH,SAASX,yBAAyB,CAACN,GAAc,EAAE;EAC/C,MAAMkE,UAAU,GAAGlE,GAAG,CAACG,SAAS,CAACC,YAAU,CAAC;EAC5C,MAAM+D,YAAY,GAAG,IAAAC,yBAAe,EAACpE,GAAG,CAAC;EACzC,MAAMqE,SAAS,GAAG,IAAAC,sBAAY,EAACtE,GAAG,CAAC;EAEnC,OAAOA,GAAG,CAACW,WAAW,CAACC,GAAG,CAAC2D,GAAG,CAACC,MAAM,EAAE;IACnC1E,IAAI,EAAE,wBAAwB;IAC9BC,MAAM,EAAE;MACJ0E,WAAW,EAAE,oEAAoE;MACjF;MACApE,MAAM,EAAE6D,UAAU,CAAClC,KAAK,CAAC9B,IAAI,IAAI;QAC7B,MAAMG,MAA8B,GAAG;UACnCqE,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBAAuB;YAC5BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,6BAA6B,EAC7B,uBAAuB,EACvB,sBAAsB,EACtB,6BAA6B,EAC7B,uBAAuB,EACvB,qBAAqB,EACrB,sBAAsB,EACtB,6BAA6B,EAC7B,yBAAyB,EACzB,oCAAoC,EACpC,sCAAsC,EACtC,yBAAyB,EACzB,8CAA8C,EAC9C,yBAAyB,EACzB,mCAAmC,EACnC,4CAA4C,EAC5C,yBAAyB,EACzB,wBAAwB,EACxB,0CAA0C,EAC1C,6BAA6B,EAC7B,6CAA6C,EAC7C,4CAA4C,EAC5C,mCAAmC,EACnC,kBAAkB,EAClB,qBAAqB,EACrB,2BAA2B,EAC3B,sBAAsB,EACtB,kCAAkC,EAClC,sBAAsB,EACtB,sBAAsB,EACtB,qBAAqB,EACrB,6BAA6B,EAC7B,wBAAwB,EACxB,wBAAwB,EACxB,wBAAwB,EACxB,wBAAwB,EACxB,4CAA4C,EAC5C,kBAAkB,EAClB,gBAAgB,EAChB,iCAAiC,EACjC,oCAAoC,EACpC,eAAe,EACf,kCAAkC,EAClC,oCAAoC,EACpC,qBAAqB,EACrB,sBAAsB,EACtB,wCAAwC,EACxC,2BAA2B,CAC9B;YACDC,QAAQ,EAAE,CACL,GAAE7E,IAAI,CAAC8E,uBAAwB,EAAC,EAChC,GAAE9E,IAAI,CAAC8E,uBAAwB,IAAG;YACnC;YACA,IAAI9E,IAAI,CAAC+E,6BAA6B,GAChC,CACK,GAAE/E,IAAI,CAAC+E,6BAA8B,EAAC,EACtC,GAAE/E,IAAI,CAAC+E,6BAA8B,IAAG,CAC5C,GACD,EAAE,CAAC;UAEjB,CAAC,EACD;YACIL,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,CACjB;YACDC,QAAQ,EAAG,gBAAe7E,IAAI,CAACgF,mBAAoB;UACvD,CAAC,EACD;YACIN,GAAG,EAAE,qBAAqB;YAC1BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CAAC,uBAAuB,CAAC;YACjCC,QAAQ,EAAE1D,MAAM,CAAC4B,WAAY,kBAAiBoB,SAAU,IAAGF,YAAa;UAC5E,CAAC,EACD;YACIS,GAAG,EAAE,yBAAyB;YAC9BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,eAAe;YACvBC,QAAQ,EAAG,GAAE7E,IAAI,CAACiF,kBAAmB;UACzC,CAAC,EACD;YACIP,GAAG,EAAE,uBAAuB;YAC5BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,kBAAkB;YAC1BC,QAAQ,EAAE7E,IAAI,CAACkF;UACnB,CAAC;UACD;UACA,IAAIlF,IAAI,CAACmF,sBAAsB,GACzB,CACI;YACIT,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAgB;YACxBC,MAAM,EAAE,MAAM;YACdC,QAAQ,EAAE,CACL,GAAE7E,IAAI,CAACmF,sBAAuB,EAAC,EAC/B,GAAEnF,IAAI,CAACmF,sBAAuB,IAAG;UAE1C,CAAC,CACJ,GACD,EAAE,CAAC;QAEjB,CAAC;QAED,OAAOhF,MAAM;MACjB,CAAC;IACL;EACJ,CAAC,CAAC;AACN"}
|
|
1
|
+
{"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","_kebabCase","_pulumi2","_lambdaUtils","_","_awsUtils","ApiGraphql","createAppModule","name","config","app","params","core","getModule","CoreOutput","policy","createGraphqlLambdaPolicy","role","createLambdaRole","output","graphql","addResource","lambda","Function","runtime","handler","arn","timeout","memorySize","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","_objectSpread2","default","env","AWS_NODEJS_CONNECTION_REUSE_ENABLED","vpcConfig","VpcConfig","functionVpcConfig","dynamodb","TableItem","tableName","primaryDynamodbTableName","hashKey","primaryDynamodbTableHashKey","rangeKey","primaryDynamodbTableRangeKey","key","item","interpolate","run","variant","apwSchedulerEventRule","apwSchedulerEventTarget","targetId","functions","addRoute","routeParams","apiGateway","resources","console","log","kebabName","toKebabCase","method","function","exports","coreOutput","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","iam","Policy","description","Version","Statement","Sid","Effect","Action","Resource","primaryDynamodbTableArn","elasticsearchDynamodbTableArn","fileManagerBucketId","cognitoUserPoolArn","eventBusArn","elasticsearchDomainArn"],"sources":["ApiGraphql.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport toKebabCase from \"lodash/kebabCase\";\n\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"~/apps\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\n\ninterface GraphqlParams {\n env: Record<string, any>;\n apwSchedulerEventRule: pulumi.Output<aws.cloudwatch.EventRule>;\n apwSchedulerEventTarget: pulumi.Output<aws.cloudwatch.EventTarget>;\n}\n\nexport interface AddRouteParams {\n /**\n * Must be in kebab case (a-z and -)\n */\n name: string;\n path: `/${string}`;\n method: \"DELETE\" | \"GET\" | \"HEAD\" | \"PATCH\" | \"POST\" | \"PUT\" | \"OPTIONS\" | \"ANY\";\n}\n\nexport type ApiGraphql = PulumiAppModule<typeof ApiGraphql>;\n\nexport const ApiGraphql = createAppModule({\n name: \"ApiGraphql\",\n config(app: PulumiApp, params: GraphqlParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createGraphqlLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"api-lambda-role\",\n policy: policy.output\n });\n\n const graphql = app.addResource(aws.lambda.Function, {\n name: \"graphql\",\n config: {\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n role: role.output.arn,\n timeout: 30,\n memorySize: 512,\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"graphql/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n AWS_NODEJS_CONNECTION_REUSE_ENABLED: \"1\"\n }))\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n /**\n * Store meta information like \"mainGraphqlFunctionArn\" in APW settings at deploy time.\n *\n * Note: We can't pass \"mainGraphqlFunctionArn\" as env variable due to circular dependency between\n * \"graphql\" lambda and \"api-apw-scheduler-execute-action\" lambda.\n */\n app.addResource(aws.dynamodb.TableItem, {\n name: \"apwSettings\",\n config: {\n tableName: core.primaryDynamodbTableName,\n hashKey: core.primaryDynamodbTableHashKey,\n rangeKey: pulumi\n .output(core.primaryDynamodbTableRangeKey)\n .apply(key => key || \"SK\"),\n item: pulumi.interpolate`{\n \"PK\": {\"S\": \"APW#SETTINGS\"},\n \"SK\": {\"S\": \"${app.params.run.variant || \"default\"}\"},\n \"mainGraphqlFunctionArn\": {\"S\": \"${graphql.output.arn}\"},\n \"eventRuleName\": {\"S\": \"${params.apwSchedulerEventRule.name}\"},\n \"eventTargetId\": {\"S\": \"${params.apwSchedulerEventTarget.targetId}\"}\n }`\n }\n });\n\n return {\n role,\n policy,\n functions: {\n graphql\n },\n addRoute: (routeParams: AddRouteParams) => {\n const apiGateway: any = app.resources.apiGateway;\n if (!apiGateway) {\n console.log(\n \"Could not add route because there is no apiGateway in the resources.\"\n );\n return;\n }\n const kebabName = toKebabCase(routeParams.name);\n if (kebabName !== routeParams.name) {\n console.log(`Route name is not allowed: \"${routeParams.name}\".`);\n return;\n }\n return apiGateway.addRoute(routeParams.name, {\n path: routeParams.path,\n method: routeParams.method,\n function: graphql.output.arn\n });\n }\n };\n }\n});\n\nfunction createGraphqlLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ApiGraphqlLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:ConditionCheckItem\",\n \"dynamodb:CreateBackup\",\n \"dynamodb:CreateTable\",\n \"dynamodb:CreateTableReplica\",\n \"dynamodb:DeleteBackup\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:DeleteTable\",\n \"dynamodb:DeleteTableReplica\",\n \"dynamodb:DescribeBackup\",\n \"dynamodb:DescribeContinuousBackups\",\n \"dynamodb:DescribeContributorInsights\",\n \"dynamodb:DescribeExport\",\n \"dynamodb:DescribeKinesisStreamingDestination\",\n \"dynamodb:DescribeLimits\",\n \"dynamodb:DescribeReservedCapacity\",\n \"dynamodb:DescribeReservedCapacityOfferings\",\n \"dynamodb:DescribeStream\",\n \"dynamodb:DescribeTable\",\n \"dynamodb:DescribeTableReplicaAutoScaling\",\n \"dynamodb:DescribeTimeToLive\",\n \"dynamodb:DisableKinesisStreamingDestination\",\n \"dynamodb:EnableKinesisStreamingDestination\",\n \"dynamodb:ExportTableToPointInTime\",\n \"dynamodb:GetItem\",\n \"dynamodb:GetRecords\",\n \"dynamodb:GetShardIterator\",\n \"dynamodb:ListBackups\",\n \"dynamodb:ListContributorInsights\",\n \"dynamodb:ListExports\",\n \"dynamodb:ListStreams\",\n \"dynamodb:ListTables\",\n \"dynamodb:ListTagsOfResource\",\n \"dynamodb:PartiQLDelete\",\n \"dynamodb:PartiQLInsert\",\n \"dynamodb:PartiQLSelect\",\n \"dynamodb:PartiQLUpdate\",\n \"dynamodb:PurchaseReservedCapacityOfferings\",\n \"dynamodb:PutItem\",\n \"dynamodb:Query\",\n \"dynamodb:RestoreTableFromBackup\",\n \"dynamodb:RestoreTableToPointInTime\",\n \"dynamodb:Scan\",\n \"dynamodb:UpdateContinuousBackups\",\n \"dynamodb:UpdateContributorInsights\",\n \"dynamodb:UpdateItem\",\n \"dynamodb:UpdateTable\",\n \"dynamodb:UpdateTableReplicaAutoScaling\",\n \"dynamodb:UpdateTimeToLive\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\"\n ],\n Resource: `arn:aws:s3:::${core.fileManagerBucketId}/*`\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n {\n Sid: \"PermissionForEventBus\",\n Effect: \"Allow\",\n Action: \"events:PutEvents\",\n Resource: core.eventBusArn\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(core.elasticsearchDomainArn\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n `${core.elasticsearchDomainArn}`,\n `${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AACA,IAAAI,UAAA,GAAAL,sBAAA,CAAAC,OAAA;AAEA,IAAAK,QAAA,GAAAL,OAAA;AACA,IAAAM,YAAA,GAAAN,OAAA;AACA,IAAAO,CAAA,GAAAP,OAAA;AACA,IAAAQ,SAAA,GAAAR,OAAA;AAmBO,MAAMS,UAAU,GAAG,IAAAC,wBAAe,EAAC;EACtCC,IAAI,EAAE,YAAY;EAClBC,MAAMA,CAACC,GAAc,EAAEC,MAAqB,EAAE;IAC1C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,YAAU,CAAC;IAEtC,MAAMC,MAAM,GAAGC,yBAAyB,CAACN,GAAG,CAAC;IAC7C,MAAMO,IAAI,GAAG,IAAAC,6BAAgB,EAACR,GAAG,EAAE;MAC/BF,IAAI,EAAE,iBAAiB;MACvBO,MAAM,EAAEA,MAAM,CAACI;IACnB,CAAC,CAAC;IAEF,MAAMC,OAAO,GAAGV,GAAG,CAACW,WAAW,CAACrB,GAAG,CAACsB,MAAM,CAACC,QAAQ,EAAE;MACjDf,IAAI,EAAE,SAAS;MACfC,MAAM,EAAE;QACJe,OAAO,EAAE,YAAY;QACrBC,OAAO,EAAE,iBAAiB;QAC1BR,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACO,GAAG;QACrBC,OAAO,EAAE,EAAE;QACXC,UAAU,EAAE,GAAG;QACfC,IAAI,EAAE,IAAI/B,MAAM,CAACgC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAIjC,MAAM,CAACgC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACxB,GAAG,CAACyB,KAAK,CAACC,SAAS,EAAE,eAAe,CAClD;QACJ,CAAC,CAAC;QACFC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,QAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAC7CF,KAAK,GACL9B,MAAM,CAACiC,GAAG;YACbC,mCAAmC,EAAE;UAAG,EAC1C;QACN,CAAC;QACDC,SAAS,EAAEpC,GAAG,CAACG,SAAS,CAACkC,WAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IACF;AACR;AACA;AACA;AACA;AACA;IACQtC,GAAG,CAACW,WAAW,CAACrB,GAAG,CAACiD,QAAQ,CAACC,SAAS,EAAE;MACpC1C,IAAI,EAAE,aAAa;MACnBC,MAAM,EAAE;QACJ0C,SAAS,EAAEvC,IAAI,CAACwC,wBAAwB;QACxCC,OAAO,EAAEzC,IAAI,CAAC0C,2BAA2B;QACzCC,QAAQ,EAAEzD,MAAM,CACXqB,MAAM,CAACP,IAAI,CAAC4C,4BAA4B,CAAC,CACzChB,KAAK,CAACiB,GAAG,IAAIA,GAAG,IAAI,IAAI,CAAC;QAC9BC,IAAI,EAAE5D,MAAM,CAAC6D,WAAY;AACzC;AACA,6BAA6BjD,GAAG,CAACC,MAAM,CAACiD,GAAG,CAACC,OAAO,IAAI,SAAU;AACjE,iDAAiDzC,OAAO,CAACD,MAAM,CAACO,GAAI;AACpE,wCAAwCf,MAAM,CAACmD,qBAAqB,CAACtD,IAAK;AAC1E,wCAAwCG,MAAM,CAACoD,uBAAuB,CAACC,QAAS;AAChF;MACY;IACJ,CAAC,CAAC;IAEF,OAAO;MACH/C,IAAI;MACJF,MAAM;MACNkD,SAAS,EAAE;QACP7C;MACJ,CAAC;MACD8C,QAAQ,EAAGC,WAA2B,IAAK;QACvC,MAAMC,UAAe,GAAG1D,GAAG,CAAC2D,SAAS,CAACD,UAAU;QAChD,IAAI,CAACA,UAAU,EAAE;UACbE,OAAO,CAACC,GAAG,CACP,sEACJ,CAAC;UACD;QACJ;QACA,MAAMC,SAAS,GAAG,IAAAC,kBAAW,EAACN,WAAW,CAAC3D,IAAI,CAAC;QAC/C,IAAIgE,SAAS,KAAKL,WAAW,CAAC3D,IAAI,EAAE;UAChC8D,OAAO,CAACC,GAAG,CAAE,+BAA8BJ,WAAW,CAAC3D,IAAK,IAAG,CAAC;UAChE;QACJ;QACA,OAAO4D,UAAU,CAACF,QAAQ,CAACC,WAAW,CAAC3D,IAAI,EAAE;UACzCyB,IAAI,EAAEkC,WAAW,CAAClC,IAAI;UACtByC,MAAM,EAAEP,WAAW,CAACO,MAAM;UAC1BC,QAAQ,EAAEvD,OAAO,CAACD,MAAM,CAACO;QAC7B,CAAC,CAAC;MACN;IACJ,CAAC;EACL;AACJ,CAAC,CAAC;AAACkD,OAAA,CAAAtE,UAAA,GAAAA,UAAA;AAEH,SAASU,yBAAyBA,CAACN,GAAc,EAAE;EAC/C,MAAMmE,UAAU,GAAGnE,GAAG,CAACG,SAAS,CAACC,YAAU,CAAC;EAC5C,MAAMgE,YAAY,GAAG,IAAAC,yBAAe,EAACrE,GAAG,CAAC;EACzC,MAAMsE,SAAS,GAAG,IAAAC,sBAAY,EAACvE,GAAG,CAAC;EAEnC,OAAOA,GAAG,CAACW,WAAW,CAACrB,GAAG,CAACkF,GAAG,CAACC,MAAM,EAAE;IACnC3E,IAAI,EAAE,wBAAwB;IAC9BC,MAAM,EAAE;MACJ2E,WAAW,EAAE,oEAAoE;MACjF;MACArE,MAAM,EAAE8D,UAAU,CAACrC,KAAK,CAAC5B,IAAI,IAAI;QAC7B,MAAMG,MAA8B,GAAG;UACnCsE,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBAAuB;YAC5BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,6BAA6B,EAC7B,uBAAuB,EACvB,sBAAsB,EACtB,6BAA6B,EAC7B,uBAAuB,EACvB,qBAAqB,EACrB,sBAAsB,EACtB,6BAA6B,EAC7B,yBAAyB,EACzB,oCAAoC,EACpC,sCAAsC,EACtC,yBAAyB,EACzB,8CAA8C,EAC9C,yBAAyB,EACzB,mCAAmC,EACnC,4CAA4C,EAC5C,yBAAyB,EACzB,wBAAwB,EACxB,0CAA0C,EAC1C,6BAA6B,EAC7B,6CAA6C,EAC7C,4CAA4C,EAC5C,mCAAmC,EACnC,kBAAkB,EAClB,qBAAqB,EACrB,2BAA2B,EAC3B,sBAAsB,EACtB,kCAAkC,EAClC,sBAAsB,EACtB,sBAAsB,EACtB,qBAAqB,EACrB,6BAA6B,EAC7B,wBAAwB,EACxB,wBAAwB,EACxB,wBAAwB,EACxB,wBAAwB,EACxB,4CAA4C,EAC5C,kBAAkB,EAClB,gBAAgB,EAChB,iCAAiC,EACjC,oCAAoC,EACpC,eAAe,EACf,kCAAkC,EAClC,oCAAoC,EACpC,qBAAqB,EACrB,sBAAsB,EACtB,wCAAwC,EACxC,2BAA2B,CAC9B;YACDC,QAAQ,EAAE,CACL,GAAE9E,IAAI,CAAC+E,uBAAwB,EAAC,EAChC,GAAE/E,IAAI,CAAC+E,uBAAwB,IAAG;YACnC;YACA,IAAI/E,IAAI,CAACgF,6BAA6B,GAChC,CACK,GAAEhF,IAAI,CAACgF,6BAA8B,EAAC,EACtC,GAAEhF,IAAI,CAACgF,6BAA8B,IAAG,CAC5C,GACD,EAAE,CAAC;UAEjB,CAAC,EACD;YACIL,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,CACjB;YACDC,QAAQ,EAAG,gBAAe9E,IAAI,CAACiF,mBAAoB;UACvD,CAAC,EACD;YACIN,GAAG,EAAE,qBAAqB;YAC1BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CAAC,uBAAuB,CAAC;YACjCC,QAAQ,EAAE5F,MAAM,CAAC6D,WAAY,kBAAiBqB,SAAU,IAAGF,YAAa;UAC5E,CAAC,EACD;YACIS,GAAG,EAAE,yBAAyB;YAC9BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,eAAe;YACvBC,QAAQ,EAAG,GAAE9E,IAAI,CAACkF,kBAAmB;UACzC,CAAC,EACD;YACIP,GAAG,EAAE,uBAAuB;YAC5BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,kBAAkB;YAC1BC,QAAQ,EAAE9E,IAAI,CAACmF;UACnB,CAAC;UACD;UACA,IAAInF,IAAI,CAACoF,sBAAsB,GACzB,CACI;YACIT,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAgB;YACxBC,MAAM,EAAE,MAAM;YACdC,QAAQ,EAAE,CACL,GAAE9E,IAAI,CAACoF,sBAAuB,EAAC,EAC/B,GAAEpF,IAAI,CAACoF,sBAAuB,IAAG;UAE1C,CAAC,CACJ,GACD,EAAE,CAAC;QAEjB,CAAC;QAED,OAAOjF,MAAM;MACjB,CAAC;IACL;EACJ,CAAC,CAAC;AACN"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["ApiMigration","createAppModule","name","config","app","core","getModule","CoreOutput","graphql","ApiGraphql","role","createLambdaRole","policy","output","migration","addResource","
|
|
1
|
+
{"version":3,"names":["_path","_interopRequireDefault","require","pulumi","_interopRequireWildcard","aws","_pulumi2","_lambdaUtils","_common","_","ApiMigration","createAppModule","name","config","app","core","getModule","CoreOutput","graphql","ApiGraphql","role","createLambdaRole","policy","output","migration","addResource","lambda","Function","handler","timeout","runtime","memorySize","arn","description","code","asset","AssetArchive","FileArchive","path","join","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","_objectSpread2","default","COGNITO_REGION","String","process","env","AWS_REGION","COGNITO_USER_POOL_ID","cognitoUserPoolId","DB_TABLE","primaryDynamodbTableName","DB_TABLE_ELASTICSEARCH","elasticsearchDynamodbTableName","ELASTIC_SEARCH_ENDPOINT","elasticsearchDomainEndpoint","ELASTIC_SEARCH_INDEX_PREFIX","ELASTICSEARCH_SHARED_INDEXES","S3_BUCKET","fileManagerBucketId","vpcConfig","VpcConfig","functionVpcConfig","function","exports"],"sources":["ApiMigration.ts"],"sourcesContent":["import path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\n\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { CoreOutput, VpcConfig } from \"../common\";\nimport { ApiGraphql } from \"~/apps\";\n\nexport type ApiMigration = PulumiAppModule<typeof ApiMigration>;\n\nexport const ApiMigration = createAppModule({\n name: \"ApiMigration\",\n config(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n const graphql = app.getModule(ApiGraphql);\n\n const role = createLambdaRole(app, {\n name: \"migration-lambda-role\",\n policy: graphql.policy.output\n });\n\n const migration = app.addResource(aws.lambda.Function, {\n name: \"data-migration\",\n config: {\n handler: \"handler.handler\",\n timeout: 900,\n runtime: \"nodejs14.x\",\n memorySize: 3008,\n role: role.output.arn,\n description: \"Performs data migrations.\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"migration/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n COGNITO_REGION: String(process.env.AWS_REGION),\n COGNITO_USER_POOL_ID: core.cognitoUserPoolId,\n DB_TABLE: core.primaryDynamodbTableName,\n DB_TABLE_ELASTICSEARCH: core.elasticsearchDynamodbTableName,\n ELASTIC_SEARCH_ENDPOINT: core.elasticsearchDomainEndpoint,\n ELASTIC_SEARCH_INDEX_PREFIX: process.env.ELASTIC_SEARCH_INDEX_PREFIX,\n ELASTICSEARCH_SHARED_INDEXES: process.env.ELASTICSEARCH_SHARED_INDEXES,\n S3_BUCKET: core.fileManagerBucketId\n })) as Record<string, any>\n },\n vpcConfig: app.getModule(VpcConfig).functionVpcConfig\n }\n });\n\n return {\n function: migration\n };\n }\n});\n"],"mappings":";;;;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,GAAA,GAAAD,uBAAA,CAAAF,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AAEA,IAAAK,YAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,CAAA,GAAAP,OAAA;AAIO,MAAMQ,YAAY,GAAG,IAAAC,wBAAe,EAAC;EACxCC,IAAI,EAAE,cAAc;EACpBC,MAAMA,CAACC,GAAc,EAAE;IACnB,MAAMC,IAAI,GAAGD,GAAG,CAACE,SAAS,CAACC,kBAAU,CAAC;IACtC,MAAMC,OAAO,GAAGJ,GAAG,CAACE,SAAS,CAACG,YAAU,CAAC;IAEzC,MAAMC,IAAI,GAAG,IAAAC,6BAAgB,EAACP,GAAG,EAAE;MAC/BF,IAAI,EAAE,uBAAuB;MAC7BU,MAAM,EAAEJ,OAAO,CAACI,MAAM,CAACC;IAC3B,CAAC,CAAC;IAEF,MAAMC,SAAS,GAAGV,GAAG,CAACW,WAAW,CAACpB,GAAG,CAACqB,MAAM,CAACC,QAAQ,EAAE;MACnDf,IAAI,EAAE,gBAAgB;MACtBC,MAAM,EAAE;QACJe,OAAO,EAAE,iBAAiB;QAC1BC,OAAO,EAAE,GAAG;QACZC,OAAO,EAAE,YAAY;QACrBC,UAAU,EAAE,IAAI;QAChBX,IAAI,EAAEA,IAAI,CAACG,MAAM,CAACS,GAAG;QACrBC,WAAW,EAAE,2BAA2B;QACxCC,IAAI,EAAE,IAAI/B,MAAM,CAACgC,KAAK,CAACC,YAAY,CAAC;UAChC,GAAG,EAAE,IAAIjC,MAAM,CAACgC,KAAK,CAACE,WAAW,CAC7BC,aAAI,CAACC,IAAI,CAACzB,GAAG,CAAC0B,KAAK,CAACC,SAAS,EAAE,iBAAiB,CACpD;QACJ,CAAC,CAAC;QACFC,WAAW,EAAE;UACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,QAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAC7CF,KAAK;YACRG,cAAc,EAAEC,MAAM,CAACC,OAAO,CAACC,GAAG,CAACC,UAAU,CAAC;YAC9CC,oBAAoB,EAAEvC,IAAI,CAACwC,iBAAiB;YAC5CC,QAAQ,EAAEzC,IAAI,CAAC0C,wBAAwB;YACvCC,sBAAsB,EAAE3C,IAAI,CAAC4C,8BAA8B;YAC3DC,uBAAuB,EAAE7C,IAAI,CAAC8C,2BAA2B;YACzDC,2BAA2B,EAAEX,OAAO,CAACC,GAAG,CAACU,2BAA2B;YACpEC,4BAA4B,EAAEZ,OAAO,CAACC,GAAG,CAACW,4BAA4B;YACtEC,SAAS,EAAEjD,IAAI,CAACkD;UAAmB,EACrC;QACN,CAAC;QACDC,SAAS,EAAEpD,GAAG,CAACE,SAAS,CAACmD,iBAAS,CAAC,CAACC;MACxC;IACJ,CAAC,CAAC;IAEF,OAAO;MACHC,QAAQ,EAAE7C;IACd,CAAC;EACL;AACJ,CAAC,CAAC;AAAC8C,OAAA,CAAA5D,YAAA,GAAAA,YAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["ApiOutput","createAppModule","name","config","app","addHandler","output","getStackOutput","folder","env","params","run","Error","apiDomain","apiUrl","apwSchedulerEventRule","apwSchedulerEventTargetId","apwSchedulerExecuteAction","apwSchedulerScheduleAction","cognitoAppClientId","cognitoUserPoolId","cognitoUserPoolPasswordPolicy","dynamoDbTable","region"],"sources":["ApiOutput.ts"],"sourcesContent":["import { createAppModule, PulumiAppModule } from \"@webiny/pulumi\";\nimport { getStackOutput } from \"@webiny/cli-plugin-deploy-pulumi/utils\";\n\nexport type ApiOutput = PulumiAppModule<typeof ApiOutput>;\n\nexport const ApiOutput = createAppModule({\n name: \"ApiOutput\",\n config(app) {\n return app.addHandler(async () => {\n const output = getStackOutput({\n folder: \"apps/api\",\n env: app.params.run.env\n });\n\n if (!output) {\n throw new Error(\"API application is not deployed.\");\n }\n\n return {\n apiDomain: output[\"apiDomain\"] as string,\n apiUrl: output[\"apiUrl\"] as string,\n apwSchedulerEventRule: output[\"apwSchedulerEventRule\"] as string | undefined,\n apwSchedulerEventTargetId: output[\"apwSchedulerEventTargetId\"] as\n | string\n | undefined,\n apwSchedulerExecuteAction: output[\"apwSchedulerExecuteAction\"] as\n | string\n | undefined,\n apwSchedulerScheduleAction: output[\"apwSchedulerScheduleAction\"] as\n | string\n | undefined,\n cognitoAppClientId: output[\"cognitoAppClientId\"] as string,\n cognitoUserPoolId: output[\"cognitoUserPoolId\"] as string,\n cognitoUserPoolPasswordPolicy: output[\"cognitoUserPoolPasswordPolicy\"] as string,\n dynamoDbTable: output[\"dynamoDbTable\"] as string,\n region: output[\"region\"] as string\n };\n });\n }\n});\n"],"mappings":";;;;;;AAAA;AACA;AAIO,
|
|
1
|
+
{"version":3,"names":["_pulumi","require","_utils","ApiOutput","createAppModule","name","config","app","addHandler","output","getStackOutput","folder","env","params","run","Error","apiDomain","apiUrl","apwSchedulerEventRule","apwSchedulerEventTargetId","apwSchedulerExecuteAction","apwSchedulerScheduleAction","cognitoAppClientId","cognitoUserPoolId","cognitoUserPoolPasswordPolicy","dynamoDbTable","region","exports"],"sources":["ApiOutput.ts"],"sourcesContent":["import { createAppModule, PulumiAppModule } from \"@webiny/pulumi\";\nimport { getStackOutput } from \"@webiny/cli-plugin-deploy-pulumi/utils\";\n\nexport type ApiOutput = PulumiAppModule<typeof ApiOutput>;\n\nexport const ApiOutput = createAppModule({\n name: \"ApiOutput\",\n config(app) {\n return app.addHandler(async () => {\n const output = getStackOutput({\n folder: \"apps/api\",\n env: app.params.run.env\n });\n\n if (!output) {\n throw new Error(\"API application is not deployed.\");\n }\n\n return {\n apiDomain: output[\"apiDomain\"] as string,\n apiUrl: output[\"apiUrl\"] as string,\n apwSchedulerEventRule: output[\"apwSchedulerEventRule\"] as string | undefined,\n apwSchedulerEventTargetId: output[\"apwSchedulerEventTargetId\"] as\n | string\n | undefined,\n apwSchedulerExecuteAction: output[\"apwSchedulerExecuteAction\"] as\n | string\n | undefined,\n apwSchedulerScheduleAction: output[\"apwSchedulerScheduleAction\"] as\n | string\n | undefined,\n cognitoAppClientId: output[\"cognitoAppClientId\"] as string,\n cognitoUserPoolId: output[\"cognitoUserPoolId\"] as string,\n cognitoUserPoolPasswordPolicy: output[\"cognitoUserPoolPasswordPolicy\"] as string,\n dynamoDbTable: output[\"dynamoDbTable\"] as string,\n region: output[\"region\"] as string\n };\n });\n }\n});\n"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAIO,MAAME,SAAS,GAAG,IAAAC,uBAAe,EAAC;EACrCC,IAAI,EAAE,WAAW;EACjBC,MAAMA,CAACC,GAAG,EAAE;IACR,OAAOA,GAAG,CAACC,UAAU,CAAC,YAAY;MAC9B,MAAMC,MAAM,GAAG,IAAAC,qBAAc,EAAC;QAC1BC,MAAM,EAAE,UAAU;QAClBC,GAAG,EAAEL,GAAG,CAACM,MAAM,CAACC,GAAG,CAACF;MACxB,CAAC,CAAC;MAEF,IAAI,CAACH,MAAM,EAAE;QACT,MAAM,IAAIM,KAAK,CAAC,kCAAkC,CAAC;MACvD;MAEA,OAAO;QACHC,SAAS,EAAEP,MAAM,CAAC,WAAW,CAAW;QACxCQ,MAAM,EAAER,MAAM,CAAC,QAAQ,CAAW;QAClCS,qBAAqB,EAAET,MAAM,CAAC,uBAAuB,CAAuB;QAC5EU,yBAAyB,EAAEV,MAAM,CAAC,2BAA2B,CAE9C;QACfW,yBAAyB,EAAEX,MAAM,CAAC,2BAA2B,CAE9C;QACfY,0BAA0B,EAAEZ,MAAM,CAAC,4BAA4B,CAEhD;QACfa,kBAAkB,EAAEb,MAAM,CAAC,oBAAoB,CAAW;QAC1Dc,iBAAiB,EAAEd,MAAM,CAAC,mBAAmB,CAAW;QACxDe,6BAA6B,EAAEf,MAAM,CAAC,+BAA+B,CAAW;QAChFgB,aAAa,EAAEhB,MAAM,CAAC,eAAe,CAAW;QAChDiB,MAAM,EAAEjB,MAAM,CAAC,QAAQ;MAC3B,CAAC;IACL,CAAC,CAAC;EACN;AACJ,CAAC,CAAC;AAACkB,OAAA,CAAAxB,SAAA,GAAAA,SAAA"}
|
|
@@ -100,6 +100,7 @@ function createExportLambdaPolicy(app) {
|
|
|
100
100
|
const core = app.getModule(_common.CoreOutput);
|
|
101
101
|
const awsAccountId = (0, _awsUtils.getAwsAccountId)(app);
|
|
102
102
|
const awsRegion = (0, _awsUtils.getAwsRegion)(app);
|
|
103
|
+
const elasticSearchEnabled = !!app.params.create.elasticSearch;
|
|
103
104
|
return app.addResource(aws.iam.Policy, {
|
|
104
105
|
name: "PbExportTaskLambdaPolicy",
|
|
105
106
|
config: {
|
|
@@ -123,7 +124,14 @@ function createExportLambdaPolicy(app) {
|
|
|
123
124
|
Effect: "Allow",
|
|
124
125
|
Action: ["lambda:InvokeFunction"],
|
|
125
126
|
Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`
|
|
126
|
-
}
|
|
127
|
+
},
|
|
128
|
+
// Attach permissions for elastic search domain as well (if ES is enabled).
|
|
129
|
+
...(elasticSearchEnabled ? [{
|
|
130
|
+
Sid: "PermissionForES",
|
|
131
|
+
Effect: "Allow",
|
|
132
|
+
Action: "es:*",
|
|
133
|
+
Resource: [pulumi.interpolate`${core.elasticsearchDomainArn}`, pulumi.interpolate`${core.elasticsearchDomainArn}/*`]
|
|
134
|
+
}] : [])]
|
|
127
135
|
}
|
|
128
136
|
}
|
|
129
137
|
});
|
|
@@ -187,6 +195,7 @@ function createImportLambdaPolicy(app) {
|
|
|
187
195
|
const coreOutput = app.getModule(_common.CoreOutput);
|
|
188
196
|
const awsAccountId = (0, _awsUtils.getAwsAccountId)(app);
|
|
189
197
|
const awsRegion = (0, _awsUtils.getAwsRegion)(app);
|
|
198
|
+
const elasticSearchEnabled = !!app.params.create.elasticSearch;
|
|
190
199
|
return app.addResource(aws.iam.Policy, {
|
|
191
200
|
name: "ImportLambdaPolicy",
|
|
192
201
|
config: {
|
|
@@ -221,11 +230,11 @@ function createImportLambdaPolicy(app) {
|
|
|
221
230
|
Resource: `${core.cognitoUserPoolArn}`
|
|
222
231
|
},
|
|
223
232
|
// Attach permissions for elastic search domain as well (if ES is enabled).
|
|
224
|
-
...(
|
|
233
|
+
...(elasticSearchEnabled ? [{
|
|
225
234
|
Sid: "PermissionForES",
|
|
226
235
|
Effect: "Allow",
|
|
227
236
|
Action: "es:*",
|
|
228
|
-
Resource: [`${core.elasticsearchDomainArn}`, `${core.elasticsearchDomainArn}/*`]
|
|
237
|
+
Resource: [pulumi.interpolate`${core.elasticsearchDomainArn}`, pulumi.interpolate`${core.elasticsearchDomainArn}/*`]
|
|
229
238
|
}] : [])]
|
|
230
239
|
};
|
|
231
240
|
return policy;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["ApiPageBuilder","createAppModule","name","config","app","params","core","getModule","CoreOutput","addHandler","pbInstallationZipPath","path","join","resolve","createInstallationZip","aws","s3","BucketObject","key","bucket","fileManagerBucketId","contentType","source","pulumi","asset","FileAsset","exportResources","createExportResources","importResources","createImportResources","export","import","policy","createExportLambdaPolicy","role","createLambdaRole","output","combine","addResource","lambda","Function","arn","runtime","handler","timeout","memorySize","description","code","AssetArchive","FileArchive","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","env","S3_BUCKET","process","EXPORT_COMBINE_HANDLER","functions","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","interpolate","primaryDynamodbTableArn","createImportLambdaPolicy","create","IMPORT_QUEUE_PROCESS_HANDLER","coreOutput","elasticsearchDynamodbTableArn","cognitoUserPoolArn","elasticsearchDomainArn"],"sources":["ApiPageBuilder.ts"],"sourcesContent":["import * as path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n//@ts-ignore\nimport { createInstallationZip } from \"@webiny/api-page-builder/installation\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"../common\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\n\ninterface PageBuilderParams {\n env: Record<string, any>;\n}\n\nexport type ApiPageBuilder = PulumiAppModule<typeof ApiPageBuilder>;\n\nexport const ApiPageBuilder = createAppModule({\n name: \"ApiPageBuilder\",\n config(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n\n app.addHandler(() => {\n const pbInstallationZipPath = path.join(path.resolve(), \".tmp\", \"pbInstallation.zip\");\n // Will create \"pbInstallation.zip\" and save it in the `pbInstallationZipPath` path.\n createInstallationZip(pbInstallationZipPath);\n\n new aws.s3.BucketObject(\"./pbInstallation.zip\", {\n key: \"pbInstallation.zip\",\n bucket: core.fileManagerBucketId,\n contentType: \"application/octet-stream\",\n source: new pulumi.asset.FileAsset(pbInstallationZipPath)\n });\n });\n\n const exportResources = createExportResources(app, params);\n const importResources = createImportResources(app, params);\n\n return {\n export: exportResources,\n import: importResources\n };\n }\n});\n\nfunction createExportResources(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createExportLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"pb-export-lambda-role\",\n policy: policy.output\n });\n\n const combine = app.addResource(aws.lambda.Function, {\n name: \"pb-export-combine\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle export's combine workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/export/combine/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId\n }))\n }\n }\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-export-process\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle export's process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/export/process/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId,\n EXPORT_COMBINE_HANDLER: combine.output.arn\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n process,\n combine\n }\n };\n}\n\nfunction createExportLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"PbExportTaskLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"AllowDynamoDBAccess\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n }\n ]\n }\n }\n });\n}\n\nfunction createImportResources(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n const policy = createImportLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"pb-import-lambda-role\",\n policy: policy.output\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-import-queue-process\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle import queue process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/import/process/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId\n }))\n }\n }\n });\n\n const create = app.addResource(aws.lambda.Function, {\n name: \"pb-import-queue-create\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle import queue create workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/import/create/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId,\n IMPORT_QUEUE_PROCESS_HANDLER: process.output.arn\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n create,\n process\n }\n };\n}\n\nfunction createImportLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n return app.addResource(aws.iam.Policy, {\n name: \"ImportLambdaPolicy\",\n config: {\n description: \"This policy enables access Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n `arn:aws:s3:::${core.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n `arn:aws:s3:::${core.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(core.elasticsearchDomainArn\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n `${core.elasticsearchDomainArn}`,\n `${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;;AAAA;AACA;AACA;AAGA;AACA;AACA;AACA;AACA;AALA;;AAaO,MAAMA,cAAc,GAAG,IAAAC,wBAAe,EAAC;EAC1CC,IAAI,EAAE,gBAAgB;EACtBC,MAAM,CAACC,GAAc,EAAEC,MAAyB,EAAE;IAC9C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;IAEtCJ,GAAG,CAACK,UAAU,CAAC,MAAM;MACjB,MAAMC,qBAAqB,GAAGC,IAAI,CAACC,IAAI,CAACD,IAAI,CAACE,OAAO,EAAE,EAAE,MAAM,EAAE,oBAAoB,CAAC;MACrF;MACA,IAAAC,mCAAqB,EAACJ,qBAAqB,CAAC;MAE5C,IAAIK,GAAG,CAACC,EAAE,CAACC,YAAY,CAAC,sBAAsB,EAAE;QAC5CC,GAAG,EAAE,oBAAoB;QACzBC,MAAM,EAAEb,IAAI,CAACc,mBAAmB;QAChCC,WAAW,EAAE,0BAA0B;QACvCC,MAAM,EAAE,IAAIC,MAAM,CAACC,KAAK,CAACC,SAAS,CAACf,qBAAqB;MAC5D,CAAC,CAAC;IACN,CAAC,CAAC;IAEF,MAAMgB,eAAe,GAAGC,qBAAqB,CAACvB,GAAG,EAAEC,MAAM,CAAC;IAC1D,MAAMuB,eAAe,GAAGC,qBAAqB,CAACzB,GAAG,EAAEC,MAAM,CAAC;IAE1D,OAAO;MACHyB,MAAM,EAAEJ,eAAe;MACvBK,MAAM,EAAEH;IACZ,CAAC;EACL;AACJ,CAAC,CAAC;AAAC;AAEH,SAASD,qBAAqB,CAACvB,GAAc,EAAEC,MAAyB,EAAE;EACtE,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EAEtC,MAAMwB,MAAM,GAAGC,wBAAwB,CAAC7B,GAAG,CAAC;EAC5C,MAAM8B,IAAI,GAAG,IAAAC,6BAAgB,EAAC/B,GAAG,EAAE;IAC/BF,IAAI,EAAE,uBAAuB;IAC7B8B,MAAM,EAAEA,MAAM,CAACI;EACnB,CAAC,CAAC;EAEF,MAAMC,OAAO,GAAGjC,GAAG,CAACkC,WAAW,CAACvB,GAAG,CAACwB,MAAM,CAACC,QAAQ,EAAE;IACjDtC,IAAI,EAAE,mBAAmB;IACzBC,MAAM,EAAE;MACJ+B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAE,YAAY;MACrBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE,kCAAkC;MAC/CC,IAAI,EAAE,IAAIxB,MAAM,CAACC,KAAK,CAACwB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIzB,MAAM,CAACC,KAAK,CAACyB,WAAW,CAC7BtC,IAAI,CAACC,IAAI,CAACR,GAAG,CAAC8C,KAAK,CAACC,SAAS,EAAE,kCAAkC,CAAC;MAE1E,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,GAAE,CAACC,KAAK,CAACC,KAAK,4FAC7CA,KAAK,GACLnD,MAAM,CAACoD,GAAG;UACbC,SAAS,EAAEpD,IAAI,CAACc;QAAmB,EACrC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMuC,OAAO,GAAGvD,GAAG,CAACkC,WAAW,CAACvB,GAAG,CAACwB,MAAM,CAACC,QAAQ,EAAE;IACjDtC,IAAI,EAAE,mBAAmB;IACzBC,MAAM,EAAE;MACJ+B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAE,YAAY;MACrBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE,kCAAkC;MAC/CC,IAAI,EAAE,IAAIxB,MAAM,CAACC,KAAK,CAACwB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIzB,MAAM,CAACC,KAAK,CAACyB,WAAW,CAC7BtC,IAAI,CAACC,IAAI,CAACR,GAAG,CAAC8C,KAAK,CAACC,SAAS,EAAE,kCAAkC,CAAC;MAE1E,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,GAAE,CAACC,KAAK,CAACC,KAAK,4FAC7CA,KAAK,GACLnD,MAAM,CAACoD,GAAG;UACbC,SAAS,EAAEpD,IAAI,CAACc,mBAAmB;UACnCwC,sBAAsB,EAAEvB,OAAO,CAACD,MAAM,CAACK;QAAG,EAC5C;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHP,IAAI;IACJF,MAAM;IACN6B,SAAS,EAAE;MACPF,OAAO;MACPtB;IACJ;EACJ,CAAC;AACL;AAEA,SAASJ,wBAAwB,CAAC7B,GAAc,EAAE;EAC9C,MAAME,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EACtC,MAAMsD,YAAY,GAAG,IAAAC,yBAAe,EAAC3D,GAAG,CAAC;EACzC,MAAM4D,SAAS,GAAG,IAAAC,sBAAY,EAAC7D,GAAG,CAAC;EAEnC,OAAOA,GAAG,CAACkC,WAAW,CAACvB,GAAG,CAACmD,GAAG,CAACC,MAAM,EAAE;IACnCjE,IAAI,EAAE,0BAA0B;IAChCC,MAAM,EAAE;MACJ2C,WAAW,EAAE,wCAAwC;MACrDd,MAAM,EAAE;QACJoC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,qBAAqB;UAC1BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,gBAAgB,EAChB,qBAAqB,CACxB;UACDC,QAAQ,EAAE,CACNlD,MAAM,CAACmD,WAAY,GAAEpE,IAAI,CAACqE,uBAAwB,EAAC,EACnDpD,MAAM,CAACmD,WAAY,GAAEpE,IAAI,CAACqE,uBAAwB,IAAG;QAE7D,CAAC,EACD;UACIL,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;UACDC,QAAQ,EAAE,CACNlD,MAAM,CAACmD,WAAY,gBAAepE,IAAI,CAACc,mBAAoB,IAAG;UAC9D;UACAG,MAAM,CAACmD,WAAY,gBAAepE,IAAI,CAACc,mBAAoB,EAAC;QAEpE,CAAC,EACD;UACIkD,GAAG,EAAE,qBAAqB;UAC1BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,uBAAuB,CAAC;UACjCC,QAAQ,EAAElD,MAAM,CAACmD,WAAY,kBAAiBV,SAAU,IAAGF,YAAa;QAC5E,CAAC;MAET;IACJ;EACJ,CAAC,CAAC;AACN;AAEA,SAASjC,qBAAqB,CAACzB,GAAc,EAAEC,MAAyB,EAAE;EACtE,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EACtC,MAAMwB,MAAM,GAAG4C,wBAAwB,CAACxE,GAAG,CAAC;EAC5C,MAAM8B,IAAI,GAAG,IAAAC,6BAAgB,EAAC/B,GAAG,EAAE;IAC/BF,IAAI,EAAE,uBAAuB;IAC7B8B,MAAM,EAAEA,MAAM,CAACI;EACnB,CAAC,CAAC;EAEF,MAAMuB,OAAO,GAAGvD,GAAG,CAACkC,WAAW,CAACvB,GAAG,CAACwB,MAAM,CAACC,QAAQ,EAAE;IACjDtC,IAAI,EAAE,yBAAyB;IAC/BC,MAAM,EAAE;MACJ+B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAE,YAAY;MACrBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE,sCAAsC;MACnDC,IAAI,EAAE,IAAIxB,MAAM,CAACC,KAAK,CAACwB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIzB,MAAM,CAACC,KAAK,CAACyB,WAAW,CAC7BtC,IAAI,CAACC,IAAI,CAACR,GAAG,CAAC8C,KAAK,CAACC,SAAS,EAAE,kCAAkC,CAAC;MAE1E,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,GAAE,CAACC,KAAK,CAACC,KAAK,4FAC7CA,KAAK,GACLnD,MAAM,CAACoD,GAAG;UACbC,SAAS,EAAEpD,IAAI,CAACc;QAAmB,EACrC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMyD,MAAM,GAAGzE,GAAG,CAACkC,WAAW,CAACvB,GAAG,CAACwB,MAAM,CAACC,QAAQ,EAAE;IAChDtC,IAAI,EAAE,wBAAwB;IAC9BC,MAAM,EAAE;MACJ+B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAE,YAAY;MACrBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE,qCAAqC;MAClDC,IAAI,EAAE,IAAIxB,MAAM,CAACC,KAAK,CAACwB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIzB,MAAM,CAACC,KAAK,CAACyB,WAAW,CAC7BtC,IAAI,CAACC,IAAI,CAACR,GAAG,CAAC8C,KAAK,CAACC,SAAS,EAAE,iCAAiC,CAAC;MAEzE,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,GAAE,CAACC,KAAK,CAACC,KAAK,4FAC7CA,KAAK,GACLnD,MAAM,CAACoD,GAAG;UACbC,SAAS,EAAEpD,IAAI,CAACc,mBAAmB;UACnC0D,4BAA4B,EAAEnB,OAAO,CAACvB,MAAM,CAACK;QAAG,EAClD;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHP,IAAI;IACJF,MAAM;IACN6B,SAAS,EAAE;MACPgB,MAAM;MACNlB;IACJ;EACJ,CAAC;AACL;AAEA,SAASiB,wBAAwB,CAACxE,GAAc,EAAE;EAC9C,MAAM2E,UAAU,GAAG3E,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EAC5C,MAAMsD,YAAY,GAAG,IAAAC,yBAAe,EAAC3D,GAAG,CAAC;EACzC,MAAM4D,SAAS,GAAG,IAAAC,sBAAY,EAAC7D,GAAG,CAAC;EAEnC,OAAOA,GAAG,CAACkC,WAAW,CAACvB,GAAG,CAACmD,GAAG,CAACC,MAAM,EAAE;IACnCjE,IAAI,EAAE,oBAAoB;IAC1BC,MAAM,EAAE;MACJ2C,WAAW,EAAE,iEAAiE;MAC9E;MACAd,MAAM,EAAE+C,UAAU,CAACxB,KAAK,CAACjD,IAAI,IAAI;QAC7B,MAAM0B,MAA8B,GAAG;UACnCoC,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBAAuB;YAC5BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,gBAAgB,EAChB,qBAAqB,CACxB;YACDC,QAAQ,EAAE,CACL,GAAEnE,IAAI,CAACqE,uBAAwB,EAAC,EAChC,GAAErE,IAAI,CAACqE,uBAAwB,IAAG;YACnC;YACA,IAAIrE,IAAI,CAAC0E,6BAA6B,GAChC,CACK,GAAE1E,IAAI,CAAC0E,6BAA8B,EAAC,EACtC,GAAE1E,IAAI,CAAC0E,6BAA8B,IAAG,CAC5C,GACD,EAAE,CAAC;UAEjB,CAAC,EACD;YACIV,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;YACDC,QAAQ,EAAE,CACL,gBAAenE,IAAI,CAACc,mBAAoB,IAAG;YAC5C;YACC,gBAAed,IAAI,CAACc,mBAAoB,EAAC;UAElD,CAAC,EACD;YACIkD,GAAG,EAAE,qBAAqB;YAC1BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CAAC,uBAAuB,CAAC;YACjCC,QAAQ,EAAElD,MAAM,CAACmD,WAAY,kBAAiBV,SAAU,IAAGF,YAAa;UAC5E,CAAC,EACD;YACIQ,GAAG,EAAE,yBAAyB;YAC9BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,eAAe;YACvBC,QAAQ,EAAG,GAAEnE,IAAI,CAAC2E,kBAAmB;UACzC,CAAC;UACD;UACA,IAAI3E,IAAI,CAAC4E,sBAAsB,GACzB,CACI;YACIZ,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAgB;YACxBC,MAAM,EAAE,MAAM;YACdC,QAAQ,EAAE,CACL,GAAEnE,IAAI,CAAC4E,sBAAuB,EAAC,EAC/B,GAAE5E,IAAI,CAAC4E,sBAAuB,IAAG;UAE1C,CAAC,CACJ,GACD,EAAE,CAAC;QAEjB,CAAC;QAED,OAAOlD,MAAM;MACjB,CAAC;IACL;EACJ,CAAC,CAAC;AACN"}
|
|
1
|
+
{"version":3,"names":["path","_interopRequireWildcard","require","pulumi","aws","_installation","_pulumi2","_common","_lambdaUtils","_awsUtils","ApiPageBuilder","createAppModule","name","config","app","params","core","getModule","CoreOutput","addHandler","pbInstallationZipPath","join","resolve","createInstallationZip","s3","BucketObject","key","bucket","fileManagerBucketId","contentType","source","asset","FileAsset","exportResources","createExportResources","importResources","createImportResources","export","import","exports","policy","createExportLambdaPolicy","role","createLambdaRole","output","combine","addResource","lambda","Function","arn","runtime","handler","timeout","memorySize","description","code","AssetArchive","FileArchive","paths","workspace","environment","variables","getCommonLambdaEnvVariables","apply","value","_objectSpread2","default","env","S3_BUCKET","process","EXPORT_COMBINE_HANDLER","functions","awsAccountId","getAwsAccountId","awsRegion","getAwsRegion","elasticSearchEnabled","create","elasticSearch","iam","Policy","Version","Statement","Sid","Effect","Action","Resource","interpolate","primaryDynamodbTableArn","elasticsearchDomainArn","createImportLambdaPolicy","IMPORT_QUEUE_PROCESS_HANDLER","coreOutput","elasticsearchDynamodbTableArn","cognitoUserPoolArn"],"sources":["ApiPageBuilder.ts"],"sourcesContent":["import * as path from \"path\";\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n//@ts-ignore\nimport { createInstallationZip } from \"@webiny/api-page-builder/installation\";\nimport { createAppModule, PulumiApp, PulumiAppModule } from \"@webiny/pulumi\";\nimport { CoreOutput } from \"../common\";\nimport { createLambdaRole, getCommonLambdaEnvVariables } from \"../lambdaUtils\";\nimport { getAwsAccountId, getAwsRegion } from \"../awsUtils\";\n\ninterface PageBuilderParams {\n env: Record<string, any>;\n}\n\nexport type ApiPageBuilder = PulumiAppModule<typeof ApiPageBuilder>;\n\nexport const ApiPageBuilder = createAppModule({\n name: \"ApiPageBuilder\",\n config(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n\n app.addHandler(() => {\n const pbInstallationZipPath = path.join(path.resolve(), \".tmp\", \"pbInstallation.zip\");\n // Will create \"pbInstallation.zip\" and save it in the `pbInstallationZipPath` path.\n createInstallationZip(pbInstallationZipPath);\n\n new aws.s3.BucketObject(\"./pbInstallation.zip\", {\n key: \"pbInstallation.zip\",\n bucket: core.fileManagerBucketId,\n contentType: \"application/octet-stream\",\n source: new pulumi.asset.FileAsset(pbInstallationZipPath)\n });\n });\n\n const exportResources = createExportResources(app, params);\n const importResources = createImportResources(app, params);\n\n return {\n export: exportResources,\n import: importResources\n };\n }\n});\n\nfunction createExportResources(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n\n const policy = createExportLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"pb-export-lambda-role\",\n policy: policy.output\n });\n\n const combine = app.addResource(aws.lambda.Function, {\n name: \"pb-export-combine\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle export's combine workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/export/combine/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId\n }))\n }\n }\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-export-process\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 128,\n description: \"Handle export's process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/export/process/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId,\n EXPORT_COMBINE_HANDLER: combine.output.arn\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n process,\n combine\n }\n };\n}\n\nfunction createExportLambdaPolicy(app: PulumiApp) {\n const core = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n const elasticSearchEnabled = !!app.params.create.elasticSearch;\n\n return app.addResource(aws.iam.Policy, {\n name: \"PbExportTaskLambdaPolicy\",\n config: {\n description: \"This policy enables access to Dynamodb\",\n policy: {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"AllowDynamoDBAccess\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n pulumi.interpolate`${core.primaryDynamodbTableArn}`,\n pulumi.interpolate`${core.primaryDynamodbTableArn}/*`\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n pulumi.interpolate`arn:aws:s3:::${core.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(elasticSearchEnabled\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n pulumi.interpolate`${core.elasticsearchDomainArn}`,\n pulumi.interpolate`${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n }\n }\n });\n}\n\nfunction createImportResources(app: PulumiApp, params: PageBuilderParams) {\n const core = app.getModule(CoreOutput);\n const policy = createImportLambdaPolicy(app);\n const role = createLambdaRole(app, {\n name: \"pb-import-lambda-role\",\n policy: policy.output\n });\n\n const process = app.addResource(aws.lambda.Function, {\n name: \"pb-import-queue-process\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle import queue process workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/import/process/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId\n }))\n }\n }\n });\n\n const create = app.addResource(aws.lambda.Function, {\n name: \"pb-import-queue-create\",\n config: {\n role: role.output.arn,\n runtime: \"nodejs14.x\",\n handler: \"handler.handler\",\n timeout: 60,\n memorySize: 512,\n description: \"Handle import queue create workflow\",\n code: new pulumi.asset.AssetArchive({\n \".\": new pulumi.asset.FileArchive(\n path.join(app.paths.workspace, \"pageBuilder/import/create/build\")\n )\n }),\n environment: {\n variables: getCommonLambdaEnvVariables().apply(value => ({\n ...value,\n ...params.env,\n S3_BUCKET: core.fileManagerBucketId,\n IMPORT_QUEUE_PROCESS_HANDLER: process.output.arn\n }))\n }\n }\n });\n\n return {\n role,\n policy,\n functions: {\n create,\n process\n }\n };\n}\n\nfunction createImportLambdaPolicy(app: PulumiApp) {\n const coreOutput = app.getModule(CoreOutput);\n const awsAccountId = getAwsAccountId(app);\n const awsRegion = getAwsRegion(app);\n\n const elasticSearchEnabled = !!app.params.create.elasticSearch;\n\n return app.addResource(aws.iam.Policy, {\n name: \"ImportLambdaPolicy\",\n config: {\n description: \"This policy enables access Dynamodb, S3, Lambda and Cognito IDP\",\n // Core is pulumi.Output, so we need to run apply() to resolve policy based on it\n policy: coreOutput.apply(core => {\n const policy: aws.iam.PolicyDocument = {\n Version: \"2012-10-17\",\n Statement: [\n {\n Sid: \"PermissionForDynamodb\",\n Effect: \"Allow\",\n Action: [\n \"dynamodb:BatchGetItem\",\n \"dynamodb:BatchWriteItem\",\n \"dynamodb:PutItem\",\n \"dynamodb:DeleteItem\",\n \"dynamodb:GetItem\",\n \"dynamodb:Query\",\n \"dynamodb:UpdateItem\"\n ],\n Resource: [\n `${core.primaryDynamodbTableArn}`,\n `${core.primaryDynamodbTableArn}/*`,\n // Attach permissions for elastic search dynamo as well (if ES is enabled).\n ...(core.elasticsearchDynamodbTableArn\n ? [\n `${core.elasticsearchDynamodbTableArn}`,\n `${core.elasticsearchDynamodbTableArn}/*`\n ]\n : [])\n ]\n },\n {\n Sid: \"PermissionForS3\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObjectAcl\",\n \"s3:DeleteObject\",\n \"s3:PutObjectAcl\",\n \"s3:PutObject\",\n \"s3:GetObject\",\n \"s3:ListBucket\"\n ],\n Resource: [\n `arn:aws:s3:::${core.fileManagerBucketId}/*`,\n // We need to explicitly add bucket ARN to \"Resource\" list for \"s3:ListBucket\" action.\n `arn:aws:s3:::${core.fileManagerBucketId}`\n ]\n },\n {\n Sid: \"PermissionForLambda\",\n Effect: \"Allow\",\n Action: [\"lambda:InvokeFunction\"],\n Resource: pulumi.interpolate`arn:aws:lambda:${awsRegion}:${awsAccountId}:function:*`\n },\n {\n Sid: \"PermissionForCognitoIdp\",\n Effect: \"Allow\",\n Action: \"cognito-idp:*\",\n Resource: `${core.cognitoUserPoolArn}`\n },\n // Attach permissions for elastic search domain as well (if ES is enabled).\n ...(elasticSearchEnabled\n ? [\n {\n Sid: \"PermissionForES\",\n Effect: \"Allow\" as const,\n Action: \"es:*\",\n Resource: [\n pulumi.interpolate`${core.elasticsearchDomainArn}`,\n pulumi.interpolate`${core.elasticsearchDomainArn}/*`\n ]\n }\n ]\n : [])\n ]\n };\n\n return policy;\n })\n }\n });\n}\n"],"mappings":";;;;;;;;;AAAA,IAAAA,IAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAF,uBAAA,CAAAC,OAAA;AACA,IAAAE,GAAA,GAAAH,uBAAA,CAAAC,OAAA;AAGA,IAAAG,aAAA,GAAAH,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,YAAA,GAAAN,OAAA;AACA,IAAAO,SAAA,GAAAP,OAAA;AALA;;AAaO,MAAMQ,cAAc,GAAG,IAAAC,wBAAe,EAAC;EAC1CC,IAAI,EAAE,gBAAgB;EACtBC,MAAMA,CAACC,GAAc,EAAEC,MAAyB,EAAE;IAC9C,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;IAEtCJ,GAAG,CAACK,UAAU,CAAC,MAAM;MACjB,MAAMC,qBAAqB,GAAGpB,IAAI,CAACqB,IAAI,CAACrB,IAAI,CAACsB,OAAO,CAAC,CAAC,EAAE,MAAM,EAAE,oBAAoB,CAAC;MACrF;MACA,IAAAC,mCAAqB,EAACH,qBAAqB,CAAC;MAE5C,IAAIhB,GAAG,CAACoB,EAAE,CAACC,YAAY,CAAC,sBAAsB,EAAE;QAC5CC,GAAG,EAAE,oBAAoB;QACzBC,MAAM,EAAEX,IAAI,CAACY,mBAAmB;QAChCC,WAAW,EAAE,0BAA0B;QACvCC,MAAM,EAAE,IAAI3B,MAAM,CAAC4B,KAAK,CAACC,SAAS,CAACZ,qBAAqB;MAC5D,CAAC,CAAC;IACN,CAAC,CAAC;IAEF,MAAMa,eAAe,GAAGC,qBAAqB,CAACpB,GAAG,EAAEC,MAAM,CAAC;IAC1D,MAAMoB,eAAe,GAAGC,qBAAqB,CAACtB,GAAG,EAAEC,MAAM,CAAC;IAE1D,OAAO;MACHsB,MAAM,EAAEJ,eAAe;MACvBK,MAAM,EAAEH;IACZ,CAAC;EACL;AACJ,CAAC,CAAC;AAACI,OAAA,CAAA7B,cAAA,GAAAA,cAAA;AAEH,SAASwB,qBAAqBA,CAACpB,GAAc,EAAEC,MAAyB,EAAE;EACtE,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EAEtC,MAAMsB,MAAM,GAAGC,wBAAwB,CAAC3B,GAAG,CAAC;EAC5C,MAAM4B,IAAI,GAAG,IAAAC,6BAAgB,EAAC7B,GAAG,EAAE;IAC/BF,IAAI,EAAE,uBAAuB;IAC7B4B,MAAM,EAAEA,MAAM,CAACI;EACnB,CAAC,CAAC;EAEF,MAAMC,OAAO,GAAG/B,GAAG,CAACgC,WAAW,CAAC1C,GAAG,CAAC2C,MAAM,CAACC,QAAQ,EAAE;IACjDpC,IAAI,EAAE,mBAAmB;IACzBC,MAAM,EAAE;MACJ6B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAE,YAAY;MACrBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE,kCAAkC;MAC/CC,IAAI,EAAE,IAAIpD,MAAM,CAAC4B,KAAK,CAACyB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIrD,MAAM,CAAC4B,KAAK,CAAC0B,WAAW,CAC7BzD,IAAI,CAACqB,IAAI,CAACP,GAAG,CAAC4C,KAAK,CAACC,SAAS,EAAE,kCAAkC,CACrE;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,QAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAC7CF,KAAK,GACLjD,MAAM,CAACoD,GAAG;UACbC,SAAS,EAAEpD,IAAI,CAACY;QAAmB,EACrC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMyC,OAAO,GAAGvD,GAAG,CAACgC,WAAW,CAAC1C,GAAG,CAAC2C,MAAM,CAACC,QAAQ,EAAE;IACjDpC,IAAI,EAAE,mBAAmB;IACzBC,MAAM,EAAE;MACJ6B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAE,YAAY;MACrBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE,kCAAkC;MAC/CC,IAAI,EAAE,IAAIpD,MAAM,CAAC4B,KAAK,CAACyB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIrD,MAAM,CAAC4B,KAAK,CAAC0B,WAAW,CAC7BzD,IAAI,CAACqB,IAAI,CAACP,GAAG,CAAC4C,KAAK,CAACC,SAAS,EAAE,kCAAkC,CACrE;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,QAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAC7CF,KAAK,GACLjD,MAAM,CAACoD,GAAG;UACbC,SAAS,EAAEpD,IAAI,CAACY,mBAAmB;UACnC0C,sBAAsB,EAAEzB,OAAO,CAACD,MAAM,CAACK;QAAG,EAC5C;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHP,IAAI;IACJF,MAAM;IACN+B,SAAS,EAAE;MACPF,OAAO;MACPxB;IACJ;EACJ,CAAC;AACL;AAEA,SAASJ,wBAAwBA,CAAC3B,GAAc,EAAE;EAC9C,MAAME,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EACtC,MAAMsD,YAAY,GAAG,IAAAC,yBAAe,EAAC3D,GAAG,CAAC;EACzC,MAAM4D,SAAS,GAAG,IAAAC,sBAAY,EAAC7D,GAAG,CAAC;EAEnC,MAAM8D,oBAAoB,GAAG,CAAC,CAAC9D,GAAG,CAACC,MAAM,CAAC8D,MAAM,CAACC,aAAa;EAE9D,OAAOhE,GAAG,CAACgC,WAAW,CAAC1C,GAAG,CAAC2E,GAAG,CAACC,MAAM,EAAE;IACnCpE,IAAI,EAAE,0BAA0B;IAChCC,MAAM,EAAE;MACJyC,WAAW,EAAE,wCAAwC;MACrDd,MAAM,EAAE;QACJyC,OAAO,EAAE,YAAY;QACrBC,SAAS,EAAE,CACP;UACIC,GAAG,EAAE,qBAAqB;UAC1BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,gBAAgB,EAChB,qBAAqB,CACxB;UACDC,QAAQ,EAAE,CACNnF,MAAM,CAACoF,WAAY,GAAEvE,IAAI,CAACwE,uBAAwB,EAAC,EACnDrF,MAAM,CAACoF,WAAY,GAAEvE,IAAI,CAACwE,uBAAwB,IAAG;QAE7D,CAAC,EACD;UACIL,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;UACDC,QAAQ,EAAE,CACNnF,MAAM,CAACoF,WAAY,gBAAevE,IAAI,CAACY,mBAAoB,IAAG;UAC9D;UACAzB,MAAM,CAACoF,WAAY,gBAAevE,IAAI,CAACY,mBAAoB,EAAC;QAEpE,CAAC,EACD;UACIuD,GAAG,EAAE,qBAAqB;UAC1BC,MAAM,EAAE,OAAO;UACfC,MAAM,EAAE,CAAC,uBAAuB,CAAC;UACjCC,QAAQ,EAAEnF,MAAM,CAACoF,WAAY,kBAAiBb,SAAU,IAAGF,YAAa;QAC5E,CAAC;QACD;QACA,IAAII,oBAAoB,GAClB,CACI;UACIO,GAAG,EAAE,iBAAiB;UACtBC,MAAM,EAAE,OAAgB;UACxBC,MAAM,EAAE,MAAM;UACdC,QAAQ,EAAE,CACNnF,MAAM,CAACoF,WAAY,GAAEvE,IAAI,CAACyE,sBAAuB,EAAC,EAClDtF,MAAM,CAACoF,WAAY,GAAEvE,IAAI,CAACyE,sBAAuB,IAAG;QAE5D,CAAC,CACJ,GACD,EAAE,CAAC;MAEjB;IACJ;EACJ,CAAC,CAAC;AACN;AAEA,SAASrD,qBAAqBA,CAACtB,GAAc,EAAEC,MAAyB,EAAE;EACtE,MAAMC,IAAI,GAAGF,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EACtC,MAAMsB,MAAM,GAAGkD,wBAAwB,CAAC5E,GAAG,CAAC;EAC5C,MAAM4B,IAAI,GAAG,IAAAC,6BAAgB,EAAC7B,GAAG,EAAE;IAC/BF,IAAI,EAAE,uBAAuB;IAC7B4B,MAAM,EAAEA,MAAM,CAACI;EACnB,CAAC,CAAC;EAEF,MAAMyB,OAAO,GAAGvD,GAAG,CAACgC,WAAW,CAAC1C,GAAG,CAAC2C,MAAM,CAACC,QAAQ,EAAE;IACjDpC,IAAI,EAAE,yBAAyB;IAC/BC,MAAM,EAAE;MACJ6B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAE,YAAY;MACrBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE,sCAAsC;MACnDC,IAAI,EAAE,IAAIpD,MAAM,CAAC4B,KAAK,CAACyB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIrD,MAAM,CAAC4B,KAAK,CAAC0B,WAAW,CAC7BzD,IAAI,CAACqB,IAAI,CAACP,GAAG,CAAC4C,KAAK,CAACC,SAAS,EAAE,kCAAkC,CACrE;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,QAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAC7CF,KAAK,GACLjD,MAAM,CAACoD,GAAG;UACbC,SAAS,EAAEpD,IAAI,CAACY;QAAmB,EACrC;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMiD,MAAM,GAAG/D,GAAG,CAACgC,WAAW,CAAC1C,GAAG,CAAC2C,MAAM,CAACC,QAAQ,EAAE;IAChDpC,IAAI,EAAE,wBAAwB;IAC9BC,MAAM,EAAE;MACJ6B,IAAI,EAAEA,IAAI,CAACE,MAAM,CAACK,GAAG;MACrBC,OAAO,EAAE,YAAY;MACrBC,OAAO,EAAE,iBAAiB;MAC1BC,OAAO,EAAE,EAAE;MACXC,UAAU,EAAE,GAAG;MACfC,WAAW,EAAE,qCAAqC;MAClDC,IAAI,EAAE,IAAIpD,MAAM,CAAC4B,KAAK,CAACyB,YAAY,CAAC;QAChC,GAAG,EAAE,IAAIrD,MAAM,CAAC4B,KAAK,CAAC0B,WAAW,CAC7BzD,IAAI,CAACqB,IAAI,CAACP,GAAG,CAAC4C,KAAK,CAACC,SAAS,EAAE,iCAAiC,CACpE;MACJ,CAAC,CAAC;MACFC,WAAW,EAAE;QACTC,SAAS,EAAE,IAAAC,wCAA2B,EAAC,CAAC,CAACC,KAAK,CAACC,KAAK,QAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MAC7CF,KAAK,GACLjD,MAAM,CAACoD,GAAG;UACbC,SAAS,EAAEpD,IAAI,CAACY,mBAAmB;UACnC+D,4BAA4B,EAAEtB,OAAO,CAACzB,MAAM,CAACK;QAAG,EAClD;MACN;IACJ;EACJ,CAAC,CAAC;EAEF,OAAO;IACHP,IAAI;IACJF,MAAM;IACN+B,SAAS,EAAE;MACPM,MAAM;MACNR;IACJ;EACJ,CAAC;AACL;AAEA,SAASqB,wBAAwBA,CAAC5E,GAAc,EAAE;EAC9C,MAAM8E,UAAU,GAAG9E,GAAG,CAACG,SAAS,CAACC,kBAAU,CAAC;EAC5C,MAAMsD,YAAY,GAAG,IAAAC,yBAAe,EAAC3D,GAAG,CAAC;EACzC,MAAM4D,SAAS,GAAG,IAAAC,sBAAY,EAAC7D,GAAG,CAAC;EAEnC,MAAM8D,oBAAoB,GAAG,CAAC,CAAC9D,GAAG,CAACC,MAAM,CAAC8D,MAAM,CAACC,aAAa;EAE9D,OAAOhE,GAAG,CAACgC,WAAW,CAAC1C,GAAG,CAAC2E,GAAG,CAACC,MAAM,EAAE;IACnCpE,IAAI,EAAE,oBAAoB;IAC1BC,MAAM,EAAE;MACJyC,WAAW,EAAE,iEAAiE;MAC9E;MACAd,MAAM,EAAEoD,UAAU,CAAC7B,KAAK,CAAC/C,IAAI,IAAI;QAC7B,MAAMwB,MAA8B,GAAG;UACnCyC,OAAO,EAAE,YAAY;UACrBC,SAAS,EAAE,CACP;YACIC,GAAG,EAAE,uBAAuB;YAC5BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,uBAAuB,EACvB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,gBAAgB,EAChB,qBAAqB,CACxB;YACDC,QAAQ,EAAE,CACL,GAAEtE,IAAI,CAACwE,uBAAwB,EAAC,EAChC,GAAExE,IAAI,CAACwE,uBAAwB,IAAG;YACnC;YACA,IAAIxE,IAAI,CAAC6E,6BAA6B,GAChC,CACK,GAAE7E,IAAI,CAAC6E,6BAA8B,EAAC,EACtC,GAAE7E,IAAI,CAAC6E,6BAA8B,IAAG,CAC5C,GACD,EAAE,CAAC;UAEjB,CAAC,EACD;YACIV,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CACJ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,CAClB;YACDC,QAAQ,EAAE,CACL,gBAAetE,IAAI,CAACY,mBAAoB,IAAG;YAC5C;YACC,gBAAeZ,IAAI,CAACY,mBAAoB,EAAC;UAElD,CAAC,EACD;YACIuD,GAAG,EAAE,qBAAqB;YAC1BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,CAAC,uBAAuB,CAAC;YACjCC,QAAQ,EAAEnF,MAAM,CAACoF,WAAY,kBAAiBb,SAAU,IAAGF,YAAa;UAC5E,CAAC,EACD;YACIW,GAAG,EAAE,yBAAyB;YAC9BC,MAAM,EAAE,OAAO;YACfC,MAAM,EAAE,eAAe;YACvBC,QAAQ,EAAG,GAAEtE,IAAI,CAAC8E,kBAAmB;UACzC,CAAC;UACD;UACA,IAAIlB,oBAAoB,GAClB,CACI;YACIO,GAAG,EAAE,iBAAiB;YACtBC,MAAM,EAAE,OAAgB;YACxBC,MAAM,EAAE,MAAM;YACdC,QAAQ,EAAE,CACNnF,MAAM,CAACoF,WAAY,GAAEvE,IAAI,CAACyE,sBAAuB,EAAC,EAClDtF,MAAM,CAACoF,WAAY,GAAEvE,IAAI,CAACyE,sBAAuB,IAAG;UAE5D,CAAC,CACJ,GACD,EAAE,CAAC;QAEjB,CAAC;QAED,OAAOjD,MAAM;MACjB,CAAC;IACL;EACJ,CAAC,CAAC;AACN"}
|